Lucene search
K

208 matches found

Vulnrichment
Vulnrichment
added 2025/09/29 12:0 a.m.4 views

CVE-2025-57483

A reflected cross-site scripting XSS vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter...

5.6AI score0.00275EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-11183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter. CVE-2017-11183 Note tha...

5.5CVSS6.2AI score0.01309EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-30020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the function gfhevcreadppsbsinternal function in mediatools/avparsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps-numtilecolumns may be...

5.5CVSS6.6AI score0.00911EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.2 views

Astra Linux – Vulnerability in libfcgi

FastCGI fcgid2 also known as fcgi versions 2.x through 2.4.4 have a integer overflow vulnerability resulting in a heap-based buffer overflow due to crafted values for nameLen or valueLen in the data sent to the IPC socket. This issue occurs in the ReadParams function in fcgiapp.c...

9.3CVSS7.5AI score0.00566EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2025/06/07 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-52763

A cross-site scripting XSS vulnerability in the component /graphallperiods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter...

5.4CVSS5.9AI score0.00628EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:13 a.m.9 views

CVE-2013-4615

The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service device hang via a crafted LANTXT24 parameter to English/pagesMacUS/cgilan.cgi followed by a direct request to English/pagesMacUS/lansetcontent.html. NOTE: th...

5CVSS6.8AI score0.15641EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:13 a.m.7 views

CVE-2013-1647

Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter, as demonstrated by 1 the location parameter...

5CVSS7.4AI score0.01797EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:2 p.m.12 views

CVE-2009-3113

Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter...

5CVSS7.2AI score0.00949EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.7 views

The vulnerability of the ReadParams function in the implementation of the FastCGI protocol, provided by the fcgii2 library (fcgi), allows a hacker to execute arbitrary code.

The vulnerability of the ReadParams function in the FastCGI protocol implementation of the fcgii2 fcgi library is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending requests containing specially crafted values for parameters...

10CVSS7.6AI score0.00566EPSS
Exploits0References9Affected Software4
Vulnrichment
Vulnrichment
added 2024/11/26 7:38 a.m.19 views

CVE-2024-36251

The web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafted parameter to billcodedefsubsel.html is not processed properly and device-crash happens. As for the details of affected product names, model numbers, and...

7.5CVSS7AI score0.03521EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.6 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

7.8CVSS6.4AI score0.00235EPSS
Exploits0References2
NVD
NVD
added 2024/08/26 7:15 a.m.43 views

CVE-2024-45256

An arbitrary file write issue in the exfiltration endpoint in BYOB Build Your Own Botnet 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in fileadd in api/files/routes.py...

9.8CVSS0.05635EPSS
Exploits3References3
CVE
CVE
added 2024/08/26 12:0 a.m.141 views

CVE-2024-45256

CVE-2024-45256 affects BYOB (Build Your Own Botnet) 2.0. The issue is an arbitrary file write in the exfiltration endpoint (file_add in api/files/routes.py) that lets unauthenticated attackers overwrite SQLite databases and bypass authentication via a crafted HTTP parameter. Several sources confi...

9.8CVSS7.6AI score0.05635EPSS
Exploits3References3
Cvelist
Cvelist
added 2024/04/11 12:0 a.m.23 views

CVE-2024-30916

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service DoS and obtain sensitive information via a crafted maxsamples parameter in DurabilityService QoS component...

6.4AI score0.00235EPSS
Exploits1References1
NVD
NVD
added 2024/03/28 8:15 a.m.25 views

CVE-2024-2818

An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using malicious crafted description parameter for labels...

6.5CVSS4.6AI score0.00945EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.8 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

7.8CVSS8AI score0.00201EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.4 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

7.8CVSS7.8AI score0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/11/04 12:0 a.m.12 views

CVE-2023-46981

SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...

8.8AI score0.01119EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.10 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the memory boundary, allowing a malicious actor to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to reading beyond the memory limit. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created PAR files...

7.8CVSS7.6AI score0.00217EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.7 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to reading beyond the memory boundary, allowing a malicious actor to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to reading beyond the memory limit. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created PAR files...

7.8CVSS7.6AI score0.00217EPSS
Exploits0References3
Rows per page
Query Builder