37007 matches found

BDU FSTEC
added 2025/04/25 12:0 a.m., 5 views

The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...

CVSS 9, AI score 5.7, EPSS 0.00525
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2025/04/25 12:0 a.m., 6 views

The vulnerability of the UpdateGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the UpdateGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromi...

CVSS 9, AI score 5.6, EPSS 0.00604
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2025/04/25 12:0 a.m., 6 views

The vulnerability of the GetGateways method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the GetGateways method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...

CVSS 9, AI score 5.7, EPSS 0.00604
Exploits 0, References 2, Affected Software 1
NVD
added 2025/04/24 5:15 p.m., 42 views

CVE-2025-31324

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

CVSS 10, EPSS 0.99359
Exploits 18, References 6
Cvelist
added 2025/04/24 4:50 p.m., 128 views

CVE-2025-31324 Missing Authorization check in SAP NetWeaver (Visual Composer development server)

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

CVSS 10, EPSS 0.99359
Exploits 18, References 2
NVD
added 2025/04/24 4:15 p.m., 11 views

CVE-2025-46528

Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through <= 0.2.4...

CVSS 7.1, EPSS 0.00116
Exploits 0, References 1
CVE
added 2025/04/24 4:8 p.m., 53 views

CVE-2025-46528

CVE-2025-46528 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Availability Calendar plugin, which allows Stored XSS. Affected versions are Availability Calendar up to 0.2.4. The available connected sources confirm the CSRF vector and stored XSS potential but do not p...

CVSS 7.1, AI score 7.2, EPSS 0.00116
Exploits 0, References 1
Cvelist
added 2025/04/24 4:8 p.m., 18 views

CVE-2025-46528 WordPress Availability Calendar plugin <= 0.2.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through <= 0.2.4...

CVSS 7.1, EPSS 0.00116
Exploits 0, References 1
Vulnrichment
added 2025/04/24 4:8 p.m., 6 views

CVE-2025-46528 WordPress Availability Calendar <= 0.2.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through 0.2.4...

CVSS 7.1, AI score 6.9, EPSS 0.00116
Exploits 0, References 1
NVD
added 2025/04/24 8:15 a.m., 17 views

CVE-2025-0639

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 7.5, EPSS 0.00398
Exploits 0, References 2
Vulnrichment
added 2025/04/24 7:31 a.m., 8 views

CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 6.5, AI score 6.6, EPSS 0.00398
Exploits 0, References 2
Cvelist
added 2025/04/24 7:31 a.m., 36 views

CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 6.5, EPSS 0.00398
Exploits 0, References 2
CVE
added 2025/04/24 7:31 a.m., 65 views

CVE-2025-0639

CVE-2025-0639 affects GitLab CE/EE. The issue is described as impacting service availability via issue preview for all versions: 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. The connected documents do not provide exploit details. Remediation is to upgrade to fixed releases:...

CVSS 7.5, AI score 6.9, EPSS 0.00398
Exploits 0, References 2, Affected Software 1
Debian CVE
added 2025/04/24 7:31 a.m., 11 views

CVE-2025-0639

Removed by vendor...

CVSS 7.5, AI score 5.8, EPSS 0.00398
Exploits 0
OSV
added 2025/04/24 7:31 a.m., 9 views

CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 6.5, AI score 6.6, EPSS 0.00398
Exploits 0, References 5
CNNVD
added 2025/04/24 12:0 a.m., 4 views

WordPress plugin Availability Calendar cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

CVSS 7.1, AI score 7.3, EPSS 0.00116
Exploits 0, References 1
CNNVD
added 2025/04/24 12:0 a.m., 4 views

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) security vulnerability

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition (EE) and GitLab Community...

CVSS 7.5, AI score 6.1, EPSS 0.00398
Exploits 0, References 3
Tenable Nessus
added 2025/04/24 12:0 a.m., 10 views

Amazon Linux AMI : runc (ALAS-2021-1556)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a.1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1556 advisory. runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor...

CVSS 7.5, AI score 6.8, EPSS 0.04409
Exploits 1, References 6
ATTACKERKB
added 2025/04/23 9:15 p.m., 3 views

CVE-2025-46399

A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via gengeitpspline function...

CVSS 5.5, AI score 5.9, EPSS 0.00199
Exploits 1, References 4
OSV
added 2025/04/23 9:15 p.m., 6 views

CVE-2025-46400

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...

CVSS 5.5, AI score 4.4, EPSS 0.00199
Exploits 1, References 4