Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/29 3:26 a.m.8 views

CVE-2025-54373

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a vulnerability where sensitive data is unintentionally revealed to unauthorized parties. Contents of Clinical Notes and Care Plan, where an encounter has...

7.1CVSS5.9AI score0.00372EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/11 12:0 a.m.5 views

Masa CMS SQL注入漏洞

Masa CMS is a digital experience platform. A SQL injection vulnerability exists in MASA CMS versions prior to 7.4.6, prior to 7.3.13, and prior to 7.2.8, which stems from a SQL injection in the processAsyncObject method that could lead to remote code execution...

9.8CVSS8.4AI score0.68593EPSS
Exploits3References11
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.6 views

CVE-2024-23679

Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes...

9.8CVSS9.1AI score0.00836EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.4 views

Fortinet FortiMail 安全漏洞

Fortinet FortiMail is a suite of email security gateway products from Fortinet. The product provides features such as e-mail security and data protection. A security vulnerability exists in Fortinet FortiMail versions 7.6.0 through 7.6.1 and prior to 7.4.3, which originates from a stack buffer...

6.7CVSS7.7AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/14 12:0 a.m.4 views

Alvaria Unified IP Unified Director 安全漏洞

Alvaria Unified IP Unified Director is a multichannel unified communications platform from Alvaria, Inc. that is primarily used for contact center management and customer interaction management. A security vulnerability exists in Alvaria Unified IP Unified Director prior to version 7.4 SP2, which...

9.8CVSS7.6AI score0.00824EPSS
Exploits0References1
OSV
OSV
added 2024/10/07 8:15 p.m.3 views

UBUNTU-CVE-2024-31227

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users...

4.4CVSS6.1AI score0.00397EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2024/09/19 12:0 a.m.3 views

VulnCheck KEV: CVE-2015-8813

The PageLoad function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery SSRF attacks via the url parameter...

8.2CVSS5.8AI score0.11595EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.6 views

Silicon Labs EmberZNet Security Vulnerability

Silicon Labs EmberZNet is a complete Zigbee protocol package from Silicon Labs, Inc. that contains all the elements required for robust and reliable mesh networking applications on the Silicon Labs Ember platform. A security vulnerability exists in Silicon Labs EmberZNet prior to version v7.4.0,...

7.5CVSS6.8AI score0.00351EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.14 views

Fortra GoAnywhere MFT Security Vulnerability

Fortra GoAnywhere MFT is a secure file transfer solution from Fortra USA. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.4.1. An attacker exploited the vulnerability to bypass authentication in order to create an administrator user through the management portal...

9.8CVSS6.9AI score0.95086EPSS
Exploits8References6
CNNVD
CNNVD
added 2021/06/23 12:0 a.m.5 views

Accellion Kiteworks SQL注入漏洞

Accellion kiteworks is a next-generation mobile file sharing and collaboration platform that improves enterprise productivity and security. A SQL injection vulnerability exists in Accellion Kiteworks versions prior to 7.4.0. An attacker could exploit the vulnerability to obtain sensitive database...

8.8CVSS5.9AI score0.44106EPSS
Exploits0References3
OSV
OSV
added 2020/07/24 7:15 a.m.5 views

CVE-2020-14175

Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 before 7.5.2...

5.4CVSS6.2AI score0.01154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/08/01 12:0 a.m.10 views

PT-2018-1896 · Openssh +5 · Openssh +5

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 7.4 Description: The issue is related to a denial of service caused by a NULL pointer dereference and daemon crash in OpenSSH. This can be triggered by remote attackers via an out-of-sequence NEWKEYS message, as...

10CVSS7.6AI score0.99506EPSS
Exploits207References410
CNVD
CNVD
added 2017/02/09 12:0 a.m.8 views

DotNetNuke Security Bypass Vulnerability

DotNetNuke DNN is a set of U.S. DNN company supported by Microsoft, based on the ASP.NET platform for open source content management system CMS. A security vulnerability exists in the installationwizard in versions of DNN prior to 7.4.1. A remote attacker can exploit the vulnerability by sending ...

9.8CVSS6.9AI score0.74552EPSS
Exploits4References1
Rows per page
Query Builder