Lucene search
K

11 matches found

Cvelist
Cvelist
added 2025/12/11 4:29 p.m.38 views

CVE-2024-8273

Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1...

8.4CVSS0.0027EPSS
Exploits0References1
CVE
CVE
added 2025/10/28 9:46 p.m.40 views

CVE-2025-64095

Summary (CVE-2025-64095) : DNN (DotNetNuke) versions before 10.1.1 are vulnerable to an unrestricted file upload due to the default HTML editor provider, allowing unauthenticated users to upload and overwrite files. This can enable website defacement and, when combined with other issues, potentia...

10CVSS6.2AI score0.44656EPSS
In wildExploits3References1Affected Software1
Cvelist
Cvelist
added 2025/10/28 9:44 p.m.11 views

CVE-2025-64094 DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to 10.1.1, sanitization of the content of uploaded SVG files was not covering all possible XSS scenarios. This vulnerability exists because of an incomplete fix for CVE-2025-48378. This...

6.4CVSS0.00179EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/10/08 8:2 a.m.7 views

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

...

4.5CVSS7AI score0.00113EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-2386

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves...

6.5CVSS7.1AI score0.01712EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.5 views

Zulip server 安全漏洞

Zulip server is an open source team chat application from Zulip, Inc. in the United States. A security vulnerability exists in versions of Zulip server prior to 10.1, which stems from insufficient permission checking in the Delete Organizational Custom Profile Fields API, which could result in an...

2.7CVSS6.6AI score0.00256EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-2658 · Hitachi Vantara +1 · Hitachi Vantara Pentaho Data Integration & Analytics +1

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x Description: The issue is related to the disclosure of information through a server error message. It may allow a remote...

5.3CVSS6.9AI score0.00376EPSS
Exploits0References8
OSV
OSV
added 2023/11/17 6:15 a.m.2 views

UBUNTU-CVE-2023-38315

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a trytoauthenticate NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing client token query string parameter. Triggering this issue results in crashing OpenNDS a Denial-of-Service...

7.5CVSS7.1AI score0.00964EPSS
Exploits0References4
OSV
OSV
added 2021/02/23 6:15 p.m.4 views

CVE-2021-22651

When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extraction of temporary files, suffering from a...

7.8CVSS7.2AI score0.02646EPSS
Exploits0References3
OSV
OSV
added 2017/05/22 5:29 a.m.4 views

CVE-2017-2495

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service application crash via a crafted web site that improperly interacts with the histor...

6.5CVSS7.2AI score0.00884EPSS
Exploits0References4
OSV
OSV
added 2017/02/20 8:59 a.m.1 views

CVE-2016-4670

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log...

3.3CVSS5.9AI score0.00307EPSS
Exploits0References3
Rows per page
Query Builder