Lucene search
+L

348 matches found

Fedora
Fedora
added 2022/11/03 3:31 p.m.43 views

[SECURITY] Fedora 35 Update: drupal7-7.92-1.fc35

Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure...

7.5CVSS2AI score0.44515EPSS
Exploits6
Fedora
Fedora
added 2022/10/23 9:4 a.m.59 views

[SECURITY] Fedora 36 Update: drupal7-7.92-1.fc36

Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure...

7.5CVSS2AI score0.44515EPSS
Exploits6
Prion
Prion
added 2022/10/19 4:15 p.m.17 views

Design/Logic Flaw

Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller with...

6.5CVSS8.6AI score0.01088EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2022/09/19 11:30 a.m.102 views

CATS - REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints

REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort! Comprehensive : tests are generated automatically based on a large number scenarios and cover every field and header Intelligent : tests are generated based on data types and...

6.4AI score
Exploits0References24
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.26 views

CVE-2022-28169 - Brocade Fabric OS Privilege Escalation Vulnerability (BSA-2022-2075)

Security Advisory ID : BSA-2022-2075 Component : Webtools Revision : 3.1 Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools user to gain elevated admin rights, or privileges, beyond what is intended or...

7.3CVSS7AI score0.00707EPSS
Exploits0
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.7 views

Esri Portal For ArcGis 跨站脚本漏洞

Esri Portal For ArcGis is a component of Esri, Inc. that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A security vulnerability exists in Esri Portal For ArcGis, which stems from stored cross-site scripting XSS in configurable...

6.1CVSS6.8AI score0.0054EPSS
Exploits0References2
Fedora
Fedora
added 2022/07/28 1:30 a.m.21 views

[SECURITY] Fedora 35 Update: osmo-0.4.4-2.fc35

Osmo is a handy personal organizer which includes calendar, tasks manager and address book modules. It was designed to be a small, easy to use and good looking PIM tool to help to manage personal information. In current state the organizer is quite convenient in use - for example, user can perfor...

7.3AI score
Exploits0
Fedora
Fedora
added 2022/07/28 1:28 a.m.18 views

[SECURITY] Fedora 36 Update: osmo-0.4.4-2.fc36

Osmo is a handy personal organizer which includes calendar, tasks manager and address book modules. It was designed to be a small, easy to use and good looking PIM tool to help to manage personal information. In current state the organizer is quite convenient in use - for example, user can perfor...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.21 views

PT-2022-3088 · Jtekt · Jtekt Toyopuc Plcs

Name of the Vulnerable Software and Affected Versions: JTEKT TOYOPUC PLCs through 2022-04-29 Description: The issue is related to the mishandling of authentication in JTEKT TOYOPUC PLCs. They utilize the CMPLink/TCP protocol, which is configurable on ports 1024-65534 on either TCP or UDP, for...

9.1CVSS7.6AI score0.00982EPSS
Exploits0References8
OSV
OSV
added 2022/06/17 12:18 a.m.6 views

GHSA-978J-88F3-P5J3 Threshold value is ignored (all shares are n=3)

Affected versions of this crate did not properly calculate secret shares requirements. This reduces the security of the algorithm by restricting the crate to always using a threshold value of three, rather than a configurable limit. The flaw was corrected by correctly configuring the threshold...

7AI score
Exploits0References3
GithubExploit
GithubExploit
added 2022/06/16 7:13 a.m.18 views

gogo

gogo blog posts. - https://chainreactors.github.io/wiki/blog...

5.8AI score
Exploits0
CNVD
CNVD
added 2022/06/05 12:0 a.m.17 views

Dominion Voting Systems ImageCast X has an unspecified vulnerability

Dominion Voting Systems ImageCast X is an intuitive and configurable face-to-face voting solution from Dominion Voting Systems.A security vulnerability exists in Dominion Voting Systems ImageCast X that could be exploited by an attacker to disguise a malicious application on the device...

4.6CVSS2.7AI score0.00227EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/24 7:12 p.m.7 views

Magento has an XML Injection vulnerability

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability when saving a configurable product. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...

9.1CVSS8.2AI score0.02894EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2022/05/24 7:12 p.m.7 views

GHSA-5PJJ-7FQ8-9GPF Magento has an XML Injection vulnerability

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability when saving a configurable product. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...

9.3CVSS8.2AI score0.02894EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 5:22 p.m.25 views

Stored XSS vulnerability in Jenkins Link Column Plugin

Link Column Plugin allows users with View/Configure permission to add a new column to list views that contain a user-configurable link.\n\nLink Column Plugin 1.0 and earlier does not filter the URL for these links, allowing the javascript: scheme. This results in a stored cross-site scripting XSS...

5.4CVSS4.9AI score0.00735EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/24 5:22 p.m.16 views

GHSA-Q2MM-W3QC-2936 Stored XSS vulnerability in Jenkins Link Column Plugin

Link Column Plugin allows users with View/Configure permission to add a new column to list views that contain a user-configurable link.\n\nLink Column Plugin 1.0 and earlier does not filter the URL for these links, allowing the javascript: scheme. This results in a stored cross-site scripting XSS...

6.4CVSS5.2AI score0.00735EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/05/04 6:22 p.m.3 views

workflow-multibranch: Pipeline-related plugins follow symbolic links or do not limit path names

A flaw was found in Jenkins. The Pipeline: Multibranch follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. This flaw allows attackers that can configure Pipelines, to read arbitrary files on the Jenkins...

6.5CVSS5.8AI score0.01786EPSS
Exploits0References4
Kitploit
Kitploit
added 2021/11/14 11:30 a.m.37 views

ChopChop - ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file by...

7.6AI score
Exploits0References9
Fedora
Fedora
added 2021/09/24 8:51 p.m.40 views

[SECURITY] Fedora 35 Update: drupal7-7.82-1.fc35

Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure...

7.8CVSS2AI score0.84554EPSS
Exploits5
CNNVD
CNNVD
added 2021/07/21 12:0 a.m.3 views

SoSafe Configurable 代码问题漏洞

SoSafe Configurable is a software application from Schneider-electric, France. A configuration software. A code issue vulnerability exists in SoSafe Configurable that stems from code execution that could result from opening a malicious project file...

7.8CVSS7.8AI score0.00942EPSS
Exploits0References2
Rows per page
Query Builder