14 matches found

Cvelist
added 2026/05/04 6:10 p.m. · 62 views

CVE-2026-43964

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

CVSS 3.7 · EPSS 0.00415
Exploits: 0 · References: 1

Cvelist
added 2026/01/29 10:56 a.m. · 35 views

CVE-2026-22764

Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...

CVSS 4.3 · EPSS 0.00217
Exploits: 0 · References: 1

Vulnrichment
added 2025/10/07 1:29 p.m. · 1 view

CVE-2021-22291 EIBPORT Reflected XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM. This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...

CVSS 8.5 · AI score 6.1 · EPSS 0.00296
Exploits: 0 · References: 1

Cvelist
added 2025/10/07 1:29 p.m. · 8 views

CVE-2021-22291 EIBPORT Reflected XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM. This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2...

CVSS 8.5 · EPSS 0.00296
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 2:41 a.m. · 4 views

CVE-2023-23762

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target branch before it’s created by the code...

CVSS 6.5 · AI score 6.9 · EPSS 0.0064
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 8:39 p.m. · 3 views

CVE-2021-26999

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...

CVSS 4.3 · AI score 5.9 · EPSS 0.00646
Exploits: 0 · References: 1

Positive Technologies
added 2025/02/03 12:0 a.m. · 5 views

PT-2025-1623 · WordPress · Eventer

Name of the Vulnerable Software and Affected Versions: Eventer plugin for WordPress versions prior to 3.9.10
Description: The issue allows unauthorized access to data due to a missing capability check on the eventer export bookings csv function. This enables authenticated attackers with...

CVSS 6.5 · AI score 9.4 · EPSS 0.00306
Exploits: 0 · References: 6

OSV
added 2024/07/15 1:15 a.m. · 7 views

AZL-60199 CVE-2024-6345 affecting package python3 for versions less than 3.9.19-12

A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...

CVSS 8.8 · AI score 7.7 · EPSS 0.01939
Exploits: 0 · References: 1

OSV
added 2024/07/05 5:15 p.m. · 3 views

CVE-2024-39150

vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet...

CVSS 5.9 · AI score 6.8
Exploits: 0 · References: 1

OSV
added 2023/10/23 2:15 p.m. · 6 views

CVE-2023-28803

An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9...

CVSS 6.5 · AI score 5.8 · EPSS 0.00261
Exploits: 0 · References: 1

SUSE CVE
added 2023/02/15 3:49 a.m. · 1 view

SUSE CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

CVSS 5.5 · AI score 9.1 · EPSS 0.01863
Exploits: 0 · References: 63

CNVD
added 2020/03/23 12:0 a.m. · 2 views

Unspecified vulnerability in rConfig (CNVD-2020-22276)

rConfig is an open source network configuration management utility. A security vulnerability exists in the includes/head.inc.php file in versions of rConfig prior to 3.9.4, which can be exploited to retrieve stored credentials in plaintext form by sending a GET request to the settings.php file...

CVSS 7.5 · AI score 6.7 · EPSS 0.16671
Exploits: 1 · References: 1

OSV
added 2016/12/13 4:59 p.m. · 1 view

DEBIAN-CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...

CVSS 5.5 · AI score 9.1 · EPSS 0.00304
Exploits: 0 · References: 1

Positive Technologies
added 2013/07/04 12:0 a.m. · 2 views

PT-2013-3612 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.9
Description: The issue concerns the key notify policy flush function in the Linux kernel, which fails to initialize a certain structure member. This allows local users to obtain sensitive information from...

CVSS 6.9 · AI score 6.3 · EPSS 0.04707
Exploits: 6 · References: 101