Lucene search
K

313 matches found

CNVD
CNVD
added 2021/10/11 12:0 a.m.17 views

webTareas Code Issues Vulnerabilities

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas 2.4 and earlier versions that allows an attacker to exploit the platform by...

8.8CVSS8.7AI score0.02295EPSS
Exploits1References1
CNVD
CNVD
added 2021/10/11 12:0 a.m.15 views

webTareas Cross-Site Scripting Vulnerability (CNVD-2021-85276)

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas, which can be exploited by an attacker to store arbitrary web script or HTML by...

5.4CVSS5.4AI score0.00549EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2021/09/14 12:0 a.m.20 views

CVE-2021-3709

Function checkattachmentforerrors in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to...

6.5CVSS6.4AI score0.00448EPSS
Exploits1References3
CNVD
CNVD
added 2021/08/19 12:0 a.m.14 views

webTareas path traversal vulnerability

webTareas is a Web-based open source collaboration tool. The product supports project management, bug tracking, content management and meeting management. webTareas version 2.0 has a path traversal vulnerability, which stems from the fact that the extpath parameter in generalserv .php is not...

6.5CVSS2.9AI score0.01598EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/10 12:0 a.m.18 views

JetBrains YouTrack Security Feature Issue Vulnerability

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. JetBrains YouTrack is vulnerable to a security feature that could be exploited by remote attackers to access sensitive information...

7.5CVSS4AI score0.01452EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/10 12:0 a.m.20 views

JetBrains YouTrack has an unspecified vulnerability (CNVD-2022-09228)

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. JetBrains YouTrack contains a security vulnerability that could be exploited by remote attackers to bypass implemented security restrictions...

7.5CVSS4.6AI score0.01126EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/07 12:0 a.m.22 views

JetBrains YouTrack Elevation of Privilege Vulnerability

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. JetBrains YouTrack has an elevation of privilege vulnerability that could be exploited by an attacker to bypass implemented security restrictions and elevate privileges on the system...

9.1CVSS4AI score0.01346EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/07/26 5:15 a.m.30 views

CVE-2021-21443

Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG OTRS Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27...

4.3CVSS6.3AI score0.0085EPSS
Exploits0References2
Fedora
Fedora
added 2021/07/26 12:42 a.m.33 views

[SECURITY] Fedora 34 Update: fossil-2.14.2-1.fc34

Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface...

7.5CVSS2.7AI score0.00574EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/03/30 6:15 p.m.33 views

CVE-2021-3475

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability...

5.3CVSS6.8AI score0.01848EPSS
Exploits0References2
CNVD
CNVD
added 2021/03/29 12:0 a.m.6 views

SourceForge Kagemai Cross-Site Scripting Vulnerability (CNVD-2021-24011)

SourceForge Organization kagemai is an application of the Japanese open source SourceForge Organization . A Web-based bug tracking system BTS. Kagemai 0.8.6 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary script in a user's web browser...

6.1CVSS6.5AI score0.00756EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/29 12:0 a.m.7 views

SourceForge Kagemai Cross-Site Scripting Vulnerability

SourceForge Organization kagemai is an application of the Japanese open source SourceForge Organization . A Web-based bug tracking system BTS. Kagemai 0.8.6 suffers from a cross-site scripting vulnerability that could allow an attacker to execute arbitrary script in a user's web browser...

6.1CVSS6.6AI score0.00756EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/03/25 8:43 a.m.3 views

Kagemai vulnerable to cross-site scripting

Overview Kagemai provided by daifukuya.com is a bug tracking system to share bug information of the software being developed among its development team. Kagemai contains a cross-site scripting vulnerability CWE-79. During the meeting of Committee for authorizing the disclosure of unresolved...

6.1CVSS6AI score0.00756EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/03/25 12:0 a.m.6 views

SourceForge Kagemai 跨站脚本漏洞

SourceForge Organization kagemai is an application of the Japanese open source SourceForge Organization . A Web-based bug tracking system BTS. Kagemai 0.8.6 suffers from a cross-site scripting vulnerability that could allow an attacker to execute arbitrary script in a user's web browser...

6.1CVSS5.6AI score0.00756EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/03/25 12:0 a.m.53 views

JVN#12559271: Kagemai vulnerable to cross-site scripting

Kagemai provided by daifukuya.com is a bug tracking system to share bug information of the software being developed among its development team. Kagemai contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Consider sto...

6.1CVSS6AI score0.00756EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/03/25 12:0 a.m.54 views

JVN#11438679: Kagemai vulnerable to cross-site request forgery

Kagemai provided by daifukuya.com is a bug tracking system to share bug information of the software being developed among its development team. Kagemai contains a cross-site request forgery vulnerability CWE-352 which allows unintended operations if a user with an administrative privilege views a...

8.8CVSS8.7AI score0.00558EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/03/25 12:0 a.m.54 views

JVN#42220311: Kagemai vulnerable to cross-site scripting

Kagemai provided by daifukuya.com is a bug tracking system to share bug information of the software being developed among its development team. Kagemai contains a stored cross-site scripting vulnerability CWE-79 which allows an unintended script execution on the web browser of the user who can...

6.1CVSS6AI score0.00756EPSS
Exploits0
CNVD
CNVD
added 2021/02/05 12:0 a.m.6 views

Unspecified Vulnerability in JetBrains YouTrack (CNVD-2021-09914)

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in JetBrains YouTrack before 2020.6.1767, which stems from a...

5.3CVSS6.8AI score0.02565EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/05 12:0 a.m.9 views

Unspecified Vulnerability in JetBrains YouTrack

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in JetBrains YouTrack that stems from doing improper resourc...

5.3CVSS6.8AI score0.0143EPSS
Exploits0References1
CVE
CVE
added 2021/01/29 6:45 a.m.68 views

CVE-2020-29604

MantisBT before 2.24.4 suffers a missing access check in bug_actiongroup.php, enabling a user with rights to create issues to copy a private issue (via bug_arr[]) and clone it with all bugnotes and attachments, exposing confidential data. Affected: MantisBT

6.5CVSS6.6AI score0.01142EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder