Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.9 views

PT-2026-4891

Name of the Vulnerable Software and Affected Versions datavane tis versions prior to 4.3.0 Description An issue exists in datavane tis related to a loop with an unreachable exit condition, resulting in an infinite loop. This condition is present in the ChangeDomainAction.Java file within the...

10CVSS5.9AI score0.00268EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 10:35 a.m.12 views

CVE-2017-18880

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS could occur via the titlelink field of a Slack attachment...

6.1CVSS6AI score0.00685EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/24 12:40 a.m.11 views

CVE-2025-56008

Cross site scripting XSS vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions...

6.1CVSS6.1AI score0.00223EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.5 views

Flask-AppBuilder 安全漏洞

Flask-AppBuilder is a simple and fast application development framework. A security vulnerability exists in Flask-AppBuilder versions prior to 4.3.2, which can be exploited by an attacker to trigger a database error by adding special characters to the Add, Edit user form...

2.7CVSS4.9AI score0.00676EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/29 12:0 a.m.7 views

PT-2023-15436 · Unknown · Quantumcloud Ai Chatbot Plugin

Name of the Vulnerable Software and Affected Versions: QuantumCloud AI ChatBot plugin versions prior to 4.3.0 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions prior to 4.3.0,...

5.9CVSS4.9AI score0.00421EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/06/20 1:15 p.m.3 views

CVE-2022-25772

A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...

9.6CVSS6.7AI score0.61396EPSS
Exploits0References3
OSV
OSV
added 2022/03/10 5:44 p.m.8 views

AZL-8968 CVE-2022-0891 affecting package libtiff for versions less than 4.3.0-2

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

7.1CVSS7AI score0.01542EPSS
Exploits1References1
OSV
OSV
added 2022/02/11 6:15 p.m.8 views

AZL-8529 CVE-2022-0562 affecting package libtiff for versions less than 4.3.0-2

Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c...

5.5CVSS6.7AI score0.0125EPSS
Exploits1References1
OSV
OSV
added 2019/12/25 12:15 a.m.1 views

DEBIAN-CVE-2019-19960

In wolfSSL before 4.3.0, wceccmulmodex does not properly resist side-channel attacks...

5.3CVSS6AI score0.00955EPSS
Exploits0References1
OSV
OSV
added 2018/09/18 8:29 p.m.4 views

CVE-2018-16671

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...

5.3CVSS5.8AI score0.08851EPSS
Exploits5References2
CNVD
CNVD
added 2018/08/01 12:0 a.m.6 views

Apple iOS, tvOS and watchOS Kernel Local Information Disclosure Vulnerability

Apple iOS, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. kernel is one of the kernel components. A security vulnerability exists in the Kernel componen...

5.5CVSS6.4AI score0.00349EPSS
Exploits0References1
OSV
OSV
added 2017/02/07 5:59 p.m.4 views

CVE-2016-5372

Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...

6.3CVSS5.8AI score0.00532EPSS
Exploits0References2
CNVD
CNVD
added 2017/01/04 12:0 a.m.4 views

NETGEAR Multiple Product Catalog Traversal Vulnerability

NETGEAR is an American Netgear company, a manufacturer of computer networking equipment and other computer hardware. NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, SRX5308 devices with firmware versions prior to 4.3.3-8 have a directory traversal vulnerability in scgi-bin/platform.cgi that could allow a...

6.5CVSS6.9AI score0.02427EPSS
Exploits0References1
Rows per page
Query Builder