Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

Devs Palace ERP Online 跨站脚本漏洞

Devs Palace ERP Online is a cloud-based enterprise resource planning and business management system developed by Devs Palace. Versions of Devs Palace ERP Online 4.0.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from operations on unknown code located in...

4.8CVSS5.7AI score0.00202EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/15 12:0 a.m.12 views

AXE: An Agentic EXploit Engine for Confirming Zero-Day Vulnerability Reports

Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing approaches typically operate in isolation from detection...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:36 a.m.7 views

CVE-2024-22955

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576...

7.8CVSS7.3AI score0.0033EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.26 views

CVE-2024-26339

swftools v0.9.2 was discovered to contain a strcpy parameter overlap via /home/swftools/src/swfc+0x48318a...

9.1CVSS9.2AI score0.00838EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2024/03/22 4:29 p.m.34 views

Grav File Upload Path Traversal

Summary Grav is vulnerable to a file upload path traversal vulnerability, that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerabiltiy can allow attackers to inject arbitrary code on the server, undermine integrity of backup files...

8.8CVSS9.4AI score0.60585EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/12/04 11:13 p.m.30 views

GHSA-37VQ-HR2F-G7H7 HtmlUnit vulnerable to Remote Code Execution (RCE) via XSTL

Summary HtmlUnit 3.8.0 are vulnerable to Remote Code Execution RCE via XSTL, when browsing the attacker’s webpage Details Vulnerability code location: org.htmlunit.activex.javascript.msxml.XSLProcessortransformorg.htmlunit.activex.javascript.msxml.XMLDOMNode The reason for the vulnerability is th...

9.8CVSS9.3AI score0.02378EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2023/07/28 3:15 p.m.30 views

CVE-2023-39017

quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not plausible that...

9.8CVSS6.9AI score0.01017EPSS
Exploits1References2
seebug.org
seebug.org
added 2017/10/19 12:0 a.m.134 views

Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution(CVE-2017-12629)

First Vulnerability: XML External Entity Expansion deftype=xmlparser Lucene includes a query parser that is able to create the full-spectrum of Lucene queries, using an XML data structure. Starting from version 5.1 Solr supports "xml" query parser in the search query. The problem is that lucene x...

7.5CVSS10.4AI score0.91896EPSS
Exploits11
Rows per page
Query Builder