Lucene search
K

101 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/12 12:0 a.m.7 views

EulerOS 2.0 SP10 : elfutils (EulerOS-SA-2025-1505)

According to the versions of the elfutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelfgetsymshndx of th...

7.5CVSS4.2AI score0.00614EPSS
Exploits2References3
CVE
CVE
added 2025/05/07 5:49 p.m.60 views

CVE-2025-20195

CVE-2025-20195 concerns Cisco IOS XE Software and describes a CSRF vulnerability in the web-based management interface. The issue arises from insufficient CSRF protections, enabling an unauthenticated, remote attacker to persuade an authenticated user to follow a crafted link, potentially executi...

4.3CVSS4.9AI score0.00195EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/05/01 11:31 p.m.76 views

CVE-2025-4184

Multiple connected sources confirm CVE-2025-4184 affects PCMan FTP Server 2.0.7, arising from the QUOTE Command Handler. The issue is a buffer overflow, with remote attack potential and publicly disclosed exploit details. Public fix status is not documented in the provided references; at least on...

9.8CVSS7.5AI score0.0062EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/09 8:25 a.m.8 views

CVE-2025-3340

A vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/comboupdate.php. The manipulation of the argument ID leads to sql injection. The attack may be launche...

9.8CVSS7.4AI score0.00472EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/08 4:0 a.m.4 views

CVE-2025-3408 Nothings stb stb_dupreplace integer overflow

A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stbdupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by this product...

7.5CVSS6.9AI score0.00435EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2025/04/08 12:0 a.m.349 views

📄 Sony XAV-AX5500 1.13 Code Execution

Sony XAV-AX5500 version 1.13 suffers from a firmware update validation vulnerability that allows for code execution. Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage:...

6.8CVSS7.4AI score0.01761EPSS
Exploits2
NVD
NVD
added 2025/03/31 8:15 a.m.13 views

CVE-2025-2982

A vulnerability, which was classified as critical, was found in Legrand SMS PowerView 1.x. Affected is an unknown function. The manipulation of the argument redirect leads to file inclusion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

6.5CVSS0.00247EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2018-16646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attac...

6.5CVSS6.1AI score0.02882EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 5:15 a.m.7 views

CVE-2024-1034

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadFile of the file /application/index/controller/File.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclose...

9.8CVSS9.6AI score0.00764EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:41 a.m.7 views

CVE-2024-9811

A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. This affects an unknown part of the file filter3.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS7.4AI score0.00663EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/05 12:0 a.m.5 views

PT-2025-5717 · Cisco · Cisco Ios Xe +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco IOS XR Software affected versions not specified Description: A vulnerability in the SNMP subsystem could allow an authenticated,...

7.7CVSS6.2AI score0.00736EPSS
Exploits0References13
The Hacker News
The Hacker News
added 2024/12/19 8:40 a.m.6 views

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

The Computer Emergency Response Team of Ukraine CERT-UA has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of...

7.5AI score
Exploits0
Redos
Redos
added 2024/09/02 12:0 a.m.11 views

ROS-20240902-07

A vulnerability in the cpio binary archiver is related to regression when using the command line parameter --no-absolute-filenames. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

4.9CVSS6.8AI score0.00906EPSS
Exploits0
Cvelist
Cvelist
added 2024/07/17 4:0 a.m.33 views

CVE-2024-6808 itsourcecode Simple Task List signUp.php insertUserRecord sql injection

A vulnerability was found in itsourcecode Simple Task List 1.0. It has been classified as critical. This affects the function insertUserRecord of the file signUp.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.5CVSS0.0071EPSS
Exploits1References4
Amazon
Amazon
added 2023/03/22 12:0 a.m.8 views

Important: rsyslog

Issue Overview: A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially in rsyslog 7.x, execute arbitrary...

8.1CVSS8.1AI score0.07546EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/03/14 5:3 a.m.8 views

CVE-2023-27894 Sensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platform

SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, allows an attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal...

5CVSS5.4AI score0.00617EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.10 views

CVE-2022-4116

A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution...

9.7AI score0.32516EPSS
Exploits0References1
OSV
OSV
added 2021/02/22 10:15 p.m.10 views

CVE-2021-21154

Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS9.2AI score
Exploits0References5
OSV
OSV
added 2020/12/31 10:15 a.m.18 views

CVE-2020-35896

An issue was discovered in the ws crate through 2020-09-25 for Rust. The outgoing buffer is not properly limited, leading to a remote memory-consumption attack...

7.5CVSS7.3AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2020/11/30 10:44 a.m.31 views

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether its any safer months after its first vulnerability was reported. We talked about how Apples security is hampering the detection of potentially unwante...

0.4AI score
Exploits0
Rows per page
Query Builder