Lucene search
K

8 matches found

NVD
NVD
added 2024/03/01 4:15 p.m.33 views

CVE-2024-27138

UNSUPPORTED WHEN ASSIGNED Incorrect Authorization vulnerability in Apache Archiva. Apache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue...

7.5CVSS6.4AI score0.01192EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/07/09 10:18 p.m.18 views

Automattic: Captcha checker "pd-captcha_form_SURVEYID" cookie is accepting any value

Summary: Hi team, There is a Captcha protection feature on surveys and polls. If you captcha protection enabled survey, you will see this : F901789 When you solve captcha and click Submit Captcha, website sets a cookie like this : F901799 And if you delete this cookie and try access to survey, yo...

1AI score
Exploits0
Veracode
Veracode
added 2019/05/02 6:7 a.m.31 views

Privilege Escalation

sudo is vulnerable to privilege escalation vulnerability. sudo noexec restriction could have been bypassed if application run via sudo executed wordexp C library function with a user supplied argument which allow local users to inject arbitrary commands with elevated privileges...

7.8CVSS7.8AI score0.00493EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2018/05/31 6:0 p.m.18 views

CVE-2018-11142

The 'systemui/settingsnetwork.php' and 'systemui/settingspatching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypassed by modifying the 'Host' and 'XForwardedFor' HTTP headers in a POST request. An anonymous user c...

6.4AI score0.00423EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2016/12/07 12:0 a.m.34 views

RHEL 6 / 7 : sudo (RHSA-2016:2872)

An update for sudo is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS7.5AI score0.00493EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/10/14 11:0 p.m.31 views

CVE-2015-6711

The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API...

6.4AI score0.0643EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/01/20 3:59 p.m.24 views

CVE-2014-9494

RabbitMQ before 3.4.0 allows remote attackers to bypass the loopbackusers restriction via a crafted X-Forwareded-For header...

5CVSS5.9AI score0.01393EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2011/08/19 12:0 a.m.65 views

Apache Struts < 2.2.0 - Remote Command Execution (Metasploit)

$Id: strutscodeexec.rb 13586 2011-08-19 05:59:32Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

5CVSS6.6AI score0.91079EPSS
Exploits22
Rows per page
Query Builder