Lucene search
+L

87 matches found

redhatcve
redhatcve
added 2025/05/23 1:22 a.m.7 views

CVE-2022-21279

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

6.3CVSS5.8AI score0.78951EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/21 9:5 p.m.12 views

CVE-2009-5074

Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors...

10CVSS6.9AI score0.01342EPSS
Exploits0References1
openvas
openvas
added 2025/03/14 12:0 a.m.13 views

Apple MacOSX Security Update (HT122283)

Apple Mac OS X is prone to an out-of-bounds write vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.0424EPSS
Exploits4References3
nessus
nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-5689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks...

9.8CVSS8.2AI score0.05445EPSS
Exploits1References2
nessus
nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2014-9846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. CVE-2014-9846 Note that...

9.8CVSS8.3AI score0.04852EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/02/05 10:55 a.m.7 views

CVE-2024-21083

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Script Engine. Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

7.2CVSS6.5AI score0.00684EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 10:49 a.m.8 views

CVE-2024-21115

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

8.8CVSS6.9AI score0.00454EPSS
Exploits0References1
openvas
openvas
added 2025/02/05 12:0 a.m.8 views

WordPress SVG Support Plugin < 2.5.8 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:benbodhi:svgsupport"; ifdescription...

5.4CVSS7AI score0.00339EPSS
Exploits0References1
openvas
openvas
added 2025/01/27 12:0 a.m.16 views

Microsoft Edge (Chromium-Based) Spoofing Vulnerability (Jan 2025)

Microsoft Edge Chromium-Based is prone to a spoofing vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.4CVSS6.9AI score0.00377EPSS
Exploits0References2
cnvd
cnvd
added 2025/01/24 12:0 a.m.10 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02434)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

6.5CVSS6AI score0.00975EPSS
Exploits0References1
openvas
openvas
added 2025/01/15 12:0 a.m.39 views

Microsoft .NET Framework RCE Vulnerability (KB5049624)

This host is missing an important security update according to Microsoft KB5049624 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

8.8CVSS7.2AI score0.02262EPSS
Exploits0References1
github
github
added 2025/01/03 5:6 p.m.16 views

PhpSpreadsheet allows unauthorized Reflected XSS in the Accounting.php file

Unauthorized Reflected XSS in the Accounting.php file Product: Phpspreadsheet Version: version 3.6.0 CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVSS vector v.3.1: 8.2 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N CVSS vector v.4.0: 8.3...

8.3CVSS5.5AI score0.00325EPSS
Exploits1References4Affected Software2
github
github
added 2024/08/14 12:35 p.m.5 views

Magento DOM-based Cross-Site Scripting (XSS) vulnerability

Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. This vulnerability could allow an admin attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation o...

8.1CVSS6.1AI score0.00639EPSS
Exploits0References3Affected Software2
osv
osv
added 2024/02/20 11:42 p.m.61 views

GHSA-9W99-78RJ-HMXQ Cross-site scripting (XSS) in the dynamic file uploads

Impact The dynamic file upload feature is subject to potential XSS attach in case the attacker manages to modify the file names of the records being uploaded to the server. This appears in sections where the user controls the file upload dialogs themselves and has the technical knowledge to chang...

6.3CVSS5.7AI score0.00493EPSS
Exploits0References8
packetstorm
packetstorm
added 2023/07/17 12:0 a.m.252 views

Lawyer CMS 1.6 Cross Site Scripting

Exploit Title: Lawyer CMS 1.6 - Reflected XSS Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/lawyer/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...

7.1AI score
Exploits0
cnvd
cnvd
added 2023/07/07 12:0 a.m.7 views

Huawei HarmonyOS and EMUI Security Bypass Vulnerability (CNVD-2023-61750)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security bypass vulnerability exists in Huawei...

9.1CVSS6.8AI score0.00447EPSS
Exploits0References1
packetstorm
packetstorm
added 2023/06/30 12:0 a.m.321 views

NodCMS 3.4.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
cnnvd
cnnvd
added 2023/05/16 12:0 a.m.6 views

Jenkins Plugin Email Extension 跨站请求伪造漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins Plugin Email Extension. An attacker could exploit the vulnerability to allow...

4.3CVSS5.1AI score0.00368EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2023/01/31 12:0 a.m.3 views

PT-2023-34764 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue is related to the btrfs function run one delayed ref, which always reports an error. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

7.2AI score
Exploits0References1
ptsecurity
ptsecurity
added 2023/01/31 12:0 a.m.5 views

PT-2023-34806 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to the io uring/poll component. It was introduced in version v6.0 and fixed in version v6.1.7. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Rows per page
Query Builder