Lucene search
K

4 matches found

OSV
OSV
added 2025/10/30 10:15 p.m.6 views

CVE-2018-25119

Nagios Fusion versions prior to 4.1.5 are vulnerable to cross-site scripting XSS via the "fusionwindow" parameter. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

6.1CVSS5.9AI score0.00471EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Adobe Dimension < 4.1.5 Multiple Arbitrary code execution (APSB25-103) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 4.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-103 advisory. - Use After Free CWE-416 potentially leading to Arbitrary code execution CVE-2025-61801 - Out-of-bounds Read CWE-12...

7.8CVSS6.2AI score0.0021EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/05/11 12:0 a.m.3 views

PT-2021-11765 · Unknown · Kk Star Ratings

Name of the Vulnerable Software and Affected Versions: kk Star Ratings plugin versions prior to 4.1.5 Description: The issue is related to a Cross Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to...

6.1CVSS5.8AI score0.00685EPSS
Exploits0References6
OSV
OSV
added 2018/10/17 8:28 p.m.18 views

GHSA-45VG-2V73-VM62 Moderate severity vulnerability that affects org.springframework:spring-core

The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors...

5CVSS6.5AI score0.019EPSS
Exploits0References6
Rows per page
Query Builder