Lucene search

9293 matches found

RedhatCVE
added 2025/05/23 4:4 a.m., 5 views

CVE-2023-37607

Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 legoT04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter...

7.5 CVSS, 6.4 AI score, 0.0147 EPSS
Exploits 4
RedhatCVE
added 2025/05/23 3:33 a.m., 7 views

CVE-2023-41312

Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause several apps to be activated automatically...

5.3 CVSS, 6.8 AI score, 0.00367 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 3:6 a.m., 5 views

CVE-2023-20921

In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.3 CVSS, 6.8 AI score, 0.00272 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 3:0 a.m., 5 views

CVE-2023-1666

A vulnerability has been found in SourceCodester Automatic Question Paper Generator System 1.0 and classified as critical. This vulnerability affects unknown code of the file users/classes/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...

9.8 CVSS, 8.2 AI score, 0.00743 EPSS
Exploits 1, References 1
RedhatCVE
added 2025/05/23 3:0 a.m., 4 views

CVE-2023-1593

A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=saveclass. The manipulation of the argument description leads to cross site scripting...

6.1 CVSS, 6.1 AI score, 0.00388 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 2:42 a.m., 5 views

CVE-2023-41866

Missing Authorization vulnerability in Team Plugins360 Automatic YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic YouTube Gallery: from n/a through 2.3.3...

4.3 CVSS, 8.5 AI score, 0.00537 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 2:13 a.m., 11 views

CVE-2023-1474

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file users/questionpapers/managequestionpaper.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...

9.8 CVSS, 7.6 AI score, 0.00841 EPSS
Exploits 1, References 1
RedhatCVE
added 2025/05/23 1:51 a.m., 9 views

CVE-2023-2781

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticateuserbyemail in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resendverificationemail function. This allows unauthenticated...

9.8 CVSS, 7.2 AI score, 0.01172 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 1:50 a.m., 8 views

CVE-2023-48430

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 2. The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically...

2.7 CVSS, 6.7 AI score, 0.00585 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 12:28 a.m., 9 views

CVE-2022-48072

Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function...

7.8 CVSS, 8 AI score, 0.00899 EPSS
Exploits 1
RedhatCVE
added 2025/05/23 12:26 a.m., 7 views

CVE-2022-48070

Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function...

7.8 CVSS, 8 AI score, 0.00899 EPSS
Exploits 1, References 1
RedhatCVE
added 2025/05/22 11:29 p.m., 4 views

CVE-2022-1076

A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is...

6.1 CVSS, 6.2 AI score, 0.0054 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 10:20 p.m., 8 views

CVE-2022-20489

In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

7.8 CVSS, 7 AI score, 0.00275 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 10:0 p.m., 6 views

CVE-2022-26631

Automatic Question Paper Generator v1.0 contains a Time-Based Blind SQL injection vulnerability via the id GET parameter...

9.8 CVSS, 8.1 AI score, 0.01118 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 9:55 p.m., 2 views

CVE-2022-34881

Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01...

3.3 CVSS, 6.8 AI score, 0.00166 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 9:18 p.m., 8 views

CVE-2021-32646

Roomer is a discord bot cog extension which provides automatic voice channel generation as well as private voice and text channels. A vulnerability has been discovered allowing discord users to get the manage channel permissions in a private VC they have joined. This allowed them to make changes ...

7.5 CVSS, 6.8 AI score, 0.007 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 8:30 p.m., 5 views

CVE-2021-0307

In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege allowing a malicious app to silently gain access to a dangerous permission with no additional...

7.8 CVSS, 6.8 AI score, 0.00167 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 5:9 p.m., 10 views

CVE-2020-8207

Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running...

8.8 CVSS, 7.7 AI score, 0.02062 EPSS
Exploits 0, References 1
Cvelist
added 2025/05/22 5:4 p.m., 10 views

CVE-2025-48061 wire-webapp Has Insufficient Session Invalidation after User Logout

wire-webapp is the web application for the open-source messaging service Wire. A change caused a regression resulting in sessions not being properly invalidated. A user that logged out of the Wire webapp could have been automatically logged in again after re-opening the application. This does no...

5.6 CVSS, 0.00123 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 4:6 p.m., 8 views

CVE-2020-10582

A SQL injection on the /admin/displayerrors.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to execute arbitrary SQL requests including data reading and modification on the database...

9.8 CVSS, 8.6 AI score, 0.01555 EPSS
Exploits 1, References 1