Lucene search
K

6 matches found

NVD
NVD
added 2026/05/12 1:16 a.m.16 views

CVE-2026-45362

Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file...

3.2CVSS0.00095EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 12:0 a.m.4 views

CVE-2025-70364

An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server. NOTE: the Supplier's position is that this is "a historical and intended administrative feature of the product, accessible only to already authenticated users...

8.8CVSS6.2AI score0.00305EPSS
Exploits0References3
OSV
OSV
added 2025/03/21 10:15 p.m.7 views

AZL-77493 CVE-2025-30204 affecting package cf-cli for versions less than 8.4.0-27

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

7.5CVSS6.7AI score0.00693EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.17 views

WordPress plugin NEX-Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

7.2CVSS7.7AI score0.44629EPSS
Exploits3References3
VulnCheck KEV
VulnCheck KEV
added 2021/10/07 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-21983

Arbitrary file write vulnerability in vRealize Operations Manager API CVE-2021-21983 prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system...

8.5CVSS7.1AI score0.68557EPSS
Exploits9References1
CNVD
CNVD
added 2019/09/12 12:0 a.m.5 views

Atlassian Jira Information Disclosure Vulnerability (CNVD-2019-32322)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. An information disclosure vulnerability exists in the /rest/api/latest/groupuserpicker resource in Atlassian Jira versions prior...

5.3CVSS6.5AI score0.84771EPSS
Exploits8References1
Rows per page
Query Builder