Lucene search
+L

62 matches found

redos
redos
added 2022/02/01 12:0 a.m.32 views

ROS-20220125-14

Lxml library vulnerability is related to insufficient cleansing of user data in the cleanup program HTML in the lxml.html file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a victim to click on a specially crafted link and execute arbitrary HTML code and scri...

8.2CVSS7.6AI score0.02456EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2021/10/05 12:0 a.m.7 views

The vulnerability of the highly efficient pglogical logical replication system, related to the failure to cleanse input data, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the highly efficient pglogical logical replication system is related to the failure to perform data cleansing on input data. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and even cause service failures...

7.2CVSS6.6AI score0.0046EPSS
Exploits0References4Affected Software2
redos
redos
added 2021/09/08 12:0 a.m.6 views

ROS-2-1692

2.1692 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.7AI score0.01157EPSS
Exploits0
redos
redos
added 2021/09/08 12:0 a.m.13 views

ROS-2-982

2.982 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

9.8CVSS8.4AI score0.23293EPSS
Exploits1
redos
redos
added 2021/09/08 12:0 a.m.25 views

ROS-2-581

2.581 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

6.9AI score0.01157EPSS
Exploits0
redos
redos
added 2021/09/08 12:0 a.m.13 views

ROS-2-545

2.545 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.3AI score0.01905EPSS
Exploits0
redos
redos
added 2021/09/08 12:0 a.m.5 views

ROS-2-1948

2.1948 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS7.6AI score0.01157EPSS
Exploits0
redos
redos
added 2021/09/08 12:0 a.m.12 views

ROS-2-1875

2.1875 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.5AI score0.01905EPSS
Exploits0
redos
redos
added 2021/09/08 12:0 a.m.12 views

ROS-2-828

2.828 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.8CVSS8.3AI score0.01236EPSS
Exploits1
redos
redos
added 2021/09/08 12:0 a.m.19 views

ROS-2-498

2.498 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.8CVSS8.2AI score0.01236EPSS
Exploits1
cnnvd
cnnvd
added 2021/08/25 12:0 a.m.5 views

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type MT is a blogging system from Six Apart USA. The system includes features such as multiple users, comments, quotes, and topics. Six Apart Movable Type suffers from a cross-site scripting vulnerability that stems from the application's insufficient cleansing of user-supplied...

6.1CVSS6.4AI score0.00904EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2021/08/13 12:0 a.m.9 views

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat, and Adobe Acrobat Reader lies in the lack of data cleansing measures at the management level. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2019, and Adobe Acrobat Reader 2019 are related to the lack of data cleansing measures at the management level. Exploiting these vulnerabilities can all...

10CVSS8.2AI score0.06045EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2021/08/13 12:0 a.m.8 views

The vulnerability of the ColdFusion software platform, related to the lack of measures taken to clean data at the management level, allows attackers to execute arbitrary code.

The vulnerability of the ColdFusion software platform is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.44098EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2020/07/15 12:0 a.m.7 views

The vulnerability of the SAP NetWeaver software integration platform, related to the lack of measures for cleaning input data, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the SAP NetWeaver software integration platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS6AI score0.01064EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2020/07/03 12:0 a.m.6 views

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 allows a perpetrator to execute arbitrary commands.

The vulnerability of the web-based management interfaces for Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 is related to the lack of measures for input data cleansing. Exploiting this vulnerability...

9CVSS7.5AI score0.028EPSS
Exploits0References3Affected Software6
bdu_fstec
bdu_fstec
added 2020/06/10 12:0 a.m.7 views

The vulnerability in the Cisco IOS XE operating system’s web interface, related to insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, or accessibility of protected information.

The vulnerability of the Cisco IOS XE operating system’s web interface is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, or accessibility of protected information...

8.3CVSS7.2AI score0.03531EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2020/05/13 12:0 a.m.5 views

The vulnerability of the Application::runExternalProgram() function, located in app/application.cpp, exposes the cross-platform BitTorrent client qBittorrent to data cleansing vulnerabilities at the operating level. This allows an intruder to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.

The vulnerability of the Application::runExternalProgram function, located in app/application.cpp, in cross-platform BitTorrent clients like qBittorrent, is related to deficiencies in data cleaning measures at the management level. Exploiting this vulnerability could allow an attacker to gain...

10CVSS7.7AI score0.07913EPSS
Exploits1References9Affected Software5
bdu_fstec
bdu_fstec
added 2020/01/08 12:0 a.m.20 views

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00526EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2019/10/03 12:0 a.m.10 views

The vulnerability of Cisco IOS and Cisco IOS XE operating systems, related to the lack of measures for cleaning input data, allows attackers to execute cross-site scripting attacks.

The vulnerability of Cisco IOS and Cisco IOS XE systems is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to perform domain-to-domain scenario attacks using the HTTP banner parameter...

5.5CVSS5.5AI score0.00804EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2017/04/03 12:0 a.m.9 views

The vulnerability of the QTS operating system allows a perpetrator to execute arbitrary commands and elevate their privileges to that of the system administrator.

The vulnerability of the QTS operating system is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands and increase their privileges to that of the system administrator using undefined vectors...

10CVSS8.2AI score0.26854EPSS
Exploits5References6
Rows per page
Query Builder