Lucene search
K

112 matches found

NVD
NVD
added 2024/02/08 7:15 p.m.34 views

CVE-2024-24215

An issue in the component /cgi-bin/GetJsonValue.cgi of Cellinx NVT Web Server 5.0.0.014 allows attackers to leak configuration information via a crafted POST request...

5.3CVSS5AI score0.005EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/06 12:0 a.m.15 views

CVE-2024-24291

An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL...

6.9AI score0.00388EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/06 12:0 a.m.35 views

CVE-2024-24291

An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL...

6.3AI score0.00388EPSS
Exploits1References1
Prion
Prion
added 2023/12/29 3:15 p.m.15 views

Information disclosure

An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs...

1.9CVSS7.1AI score0.00274EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.9 views

PT-2023-9571

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23 Oracle GraalVM for JDK versions 17.0.12, 21.0.4, 23 Oracle GraalVM Enterprise Edition versions 20.3.15, 21.3.11 Description The issue is related to the Serialization...

4.8CVSS6.8AI score0.01157EPSS
Exploits0References433
NVD
NVD
added 2023/10/31 2:15 a.m.25 views

CVE-2023-45899

An issue in the component SuperUserSetuserModuleFrontController:init of idnovate superuser before v2.4.2 allows attackers to bypass authentication via a crafted HTTP call...

7.5CVSS7.5AI score0.00821EPSS
Exploits1References1
OSV
OSV
added 2023/09/19 2:15 a.m.26 views

CVE-2023-41599

An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal...

5.3CVSS7.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/19 12:0 a.m.19 views

CVE-2023-41599

An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal...

7AI score0.11215EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/21 12:0 a.m.14 views

CVE-2023-39748

An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N V2 allows attackers to cause a Denial of Service DoS via a crafted GET request...

6.7AI score0.00632EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/04/27 12:0 a.m.27 views

CVE-2023-30380

An issue in the component /dialog/selectmedia.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal...

8.3AI score0.01223EPSS
Exploits1References1
Citrix
Citrix
added 2023/03/17 12:0 a.m.11 views

Citrix Secure Access setup failed in Windows11 (ARM64 based)

CitrixSecure Accesssetup failed in Windows11 ARM64 based with the below error "Unable to manage network component. The condition can be transient. If it persists, it maybe because you're a member of the Network ConfigurationOperators group......"...

7AI score
Exploits0
OSV
OSV
added 2023/02/06 8:15 p.m.6 views

CVE-2023-20614

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615...

6.7CVSS6.7AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2023/01/23 5:15 a.m.21 views

CVE-2022-46959

An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal...

4.3CVSS4.8AI score0.0077EPSS
Exploits1References1
OSV
OSV
added 2023/01/23 5:15 a.m.11 views

CVE-2022-46959

An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal...

4.3CVSS4.8AI score
Exploits0References1
OSV
OSV
added 2023/01/12 7:24 p.m.22 views

CVE-2023-22488 Missing authorization in Flarum

Flarum is a forum software for building communities. Using the notifications feature, one can read restricted/private content and bypass access checks that would be in place for such content. The notification-sending component does not check that the subject of the notification can be seen by the...

6.8CVSS5.6AI score0.00397EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.6 views

CVE-2022-44140

Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component...

8.2AI score0.0072EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/02 12:0 a.m.5 views

CVE-2022-43255

GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gfodfnewiod at odf/odfcode.c...

7.5AI score0.00284EPSS
Exploits1References2
OSV
OSV
added 2022/07/22 11:15 p.m.18 views

CVE-2022-34113

An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin...

9.8CVSS9.5AI score
Exploits0References1
NVD
NVD
added 2022/07/01 12:15 p.m.33 views

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

7.5CVSS0.025EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/04/19 12:0 a.m.7 views

PT-2022-2416 · Oracle +11 · Mysql Server +10

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.37 and prior MySQL Server versions 8.0.28 and prior Description: A vulnerability in the MySQL Server product allows a high privileged attacker with network access via multiple protocols to compromise the server...

10CVSS6.7AI score0.87816EPSS
Exploits130References1643
Rows per page
Query Builder