Lucene search
K

209 matches found

OSV
OSV
added 2025/04/14 9:15 p.m.7 views

CVE-2022-43847

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking...

5.4CVSS5.3AI score0.00202EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.4 views

Bitdefender GravityZone Console 代码问题漏洞

Bitdefender GravityZone Console is a centralized cybersecurity management platform from Bitdefender Romania, designed to provide organizations with full visibility and control over their security infrastructure. A code issue vulnerability exists in Bitdefender GravityZone Console versions prior t...

7.3CVSS7.2AI score0.00369EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/22 12:23 p.m.25 views

CVE-2025-26796 Apache Oozie: XSS in Oozie Web Console

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Oozie. This issue affects Apache Oozie: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended t...

0.00466EPSS
Exploits0References1
OSV
OSV
added 2025/03/19 9:30 p.m.2 views

GHSA-69X5-HJG4-M267 OpenShift Console Has a Path Traversal Vulnerability

A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...

4.3CVSS6.8AI score0.00465EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.3 views

Red Hat OpenShift Console 路径遍历漏洞

Red Hat OpenShift Console is an OpenShift console from Red Hat, Inc. A path traversal vulnerability exists in Red Hat OpenShift Console that stems from an insecure file path construction, which could allow an authenticated user to retrieve an arbitrary JSON file on the console by manipulating the...

4.3CVSS5.1AI score0.00465EPSS
Exploits0References3
Veracode
Veracode
added 2025/03/18 2:47 a.m.7 views

Cross-Site Scripting (XSS)

org.apache.felix, org.apache.felix.http.webconsoleplugin is vulnerable to cross-site scripting XSS. The vulnerability is due to improper neutralization of user input during web page generation, allowing an attacker to inject and execute malicious scripts in a victim’s browser through improperly...

5.6CVSS6.2AI score0.00512EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/02/18 5:54 p.m.11 views

CVE-2024-4028 Keycloak-core: stored xss in keycloak when creating a items in admin console

A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items Resource and Permissions from the admin console, leading to a stored cross-site scripting XSS attack...

3.8CVSS0.00278EPSS
Exploits0References2
Citrix
Citrix
added 2025/02/18 7:13 a.m.17 views

NetScaler Console and NetScaler Agent Security Bulletin for CVE-2024-12284

Description of Problem A vulnerability has been discovered in NetScaler Console formerly NetScaler ADM and NetScaler Agent. Refer to below for further details: Affected Versions The following supported versions of NetScaler Console and NetScaler Agent are affected: NetScaler Console 14.1 BEFORE...

8.8CVSS9.9AI score0.11919EPSS
Exploits0Affected Software2
NVD
NVD
added 2025/01/29 11:15 a.m.18 views

CVE-2025-0617

An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service...

5.9CVSS0.0038EPSS
Exploits0References1
CVE
CVE
added 2025/01/29 10:8 a.m.88 views

CVE-2025-0617

CVE-2025-0617 affects Trellix HX (HX console) for version 10.0.0 and earlier. The vulnerability arises when an attacker with access to the HX console sends specially crafted data, triggering file parsing that allows exponential entity expansions in the consumer process, resulting in a Denial of S...

5.9CVSS5.9AI score0.0038EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.7 views

PT-2025-3984 · Hx · Hx

Name of the Vulnerable Software and Affected Versions: HX versions 10.0.0 and earlier Description: An attacker with access to the vulnerable software may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions...

5.9CVSS6.9AI score0.0038EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2025/01/16 7:5 p.m.5 views

org.jboss.hal:hal-standalone (>=3.5.0.Final <=3.7.19.Final) potentially affected by CVE-2025-23366 via org.jboss.hal:hal-console (>=3.5.0.Final <=3.7.6.Final)

org.jboss.hal:hal-console MAVEN version =3.5.0.Final, =3.5.0.Final, =3.7.19.Final Source cves: CVE-2025-23366 Source advisory: OSV:GHSA-JHVJ-F397-8W6Q...

6.5CVSS6.5AI score0.00426EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.6 views

The vulnerability of the console-based MPEG audio player mpg123, related to the ability to write beyond the allocated memory, allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the console-based MPEG audio player mpg123 lies in its ability to write beyond the allocated memory boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause system failures...

6.7CVSS7.1AI score0.00348EPSS
Exploits0References11Affected Software7
vulnersOsv
vulnersOsv
added 2024/12/23 8:15 p.m.6 views

org.jboss.hal:hal-standalone (>=3.5.0.Final <=3.7.19.Final) potentially affected by unknown CVE via org.jboss.hal:hal-console (>=3.5.0.Final <=3.7.6.Final)

org.jboss.hal:hal-console MAVEN version =3.5.0.Final, =3.5.0.Final, =3.7.19.Final Source cves: unknown CVE Source advisory: OSV:GHSA-64GP-R758-8PFM...

5.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/08 12:0 a.m.7 views

The vulnerability of the Intel Raid Web Console web console, related to deficiencies in access control, allows attackers to disclose protected information.

The vulnerability of the Intel Raid Web Console web console relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to disclose protected information...

3.3CVSS5.4AI score0.00153EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/08 12:0 a.m.8 views

The vulnerability of the Intel Raid Web Console web console, related to deficiencies in access control, allows a intruder to trigger a service failure.

The vulnerability of the Intel Raid Web Console web console relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.5CVSS5.5AI score0.00226EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.6 views

The vulnerability of the Dell OpenManage Enterprise console, related to the lack of protective measures for the SQL query structure, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Dell OpenManage Enterprise system management console is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

4.3CVSS5.6AI score0.00312EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.8 views

The vulnerability of the Console component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows a perpetrator to cause a service failure.

The vulnerability of the Console component of the Oracle WebLogic Server application server software, part of the Oracle Fusion Middleware platform, relates to improper cleaning or release of resources due to copying of buffers without checking the size of the input data. Exploiting this...

7.8CVSS7.6AI score0.00657EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.145 views

Oracle WebLogic Server (October 2024 CPU)

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions tha...

9.8CVSS6.6AI score0.01939EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.5 views

Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE 命令注入漏洞

The Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE DFS ProGauge MAGLINK LX CONSOLE is an industrial console from Dover Fueling Solutions, Inc. designed for expansion. A command injection vulnerability exists in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE version 3.4.2.2.6 and prior...

10CVSS7.7AI score0.00788EPSS
Exploits0References2
Rows per page
Query Builder