Lucene search
K

41 matches found

OpenVAS
OpenVAS
added 2021/10/29 12:0 a.m.25 views

Apache Tomcat 5.5.x < 5.5.32, 7.0.x < 7.0.6 XSS Vulnerability - Linux

Apache Tomcat is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

4.3CVSS4.2AI score0.10228EPSS
Exploits2References2
Huntr
Huntr
added 2021/06/24 8:25 p.m.12 views

in phpservermon/phpservermon

✍️ Description The program creates a cookie without setting the secure flag to true. Modern web browsers support a secure flag for each cookie. If the flag is set, the browser will only send the cookie over HTTPS. Sending cookies over an unencrypted channel can expose them to network sniffing...

0.2AI score
Exploits0References1
CNNVD
CNNVD
added 2021/05/18 12:0 a.m.6 views

Emerson Rosemount X-STREAM Gas Analyzer 跨站脚本漏洞

The Emerson Rosemount X-STREAM Gas Analyzer is an Emerson gas analyzer for industrial environments. The device supports up to five component gas analyzers and features NDIR/UV/VIS photometry, paramagnetic and electrochemical O2, thermal conductivity and humidity sensors. A cross-site scripting...

6.1CVSS5.2AI score0.00642EPSS
Exploits0References4
CNVD
CNVD
added 2021/04/13 12:0 a.m.9 views

Unspecified Vulnerability in IBM Jazz Team Server (CNVD-2021-29110)

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A security vulnerability exists in IBM Jazz...

4.3CVSS6.3AI score0.00638EPSS
Exploits0References1
NVD
NVD
added 2020/07/01 3:15 p.m.24 views

CVE-2020-5905

In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...

6CVSS0.00681EPSS
Exploits0References2
OSV
OSV
added 2020/07/01 3:15 p.m.3 views

CVE-2020-5905

In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network WCCP page, the system does not sanitize all user-provided data before display...

4.3CVSS5.8AI score0.00681EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 2020/03/05 5:34 p.m.31 views

SQL injection relating to data display

More info at https://www.phpmyadmin.net/security/PMASA-2020-4/...

5.4CVSS7.2AI score0.01593EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2019/08/10 12:0 a.m.6 views

PT-2019-13634 · Shapeshift · Keepkey

Name of the Vulnerable Software and Affected Versions: ShapeShift KeepKey devices affected versions not specified Description: A side channel vulnerability was discovered related to the row-based OLED display on ShapeShift KeepKey devices. The power consumption of each display cycle varies based ...

2.4CVSS6.9AI score0.00347EPSS
Exploits0References2
CNVD
CNVD
added 2019/01/28 12:0 a.m.2 views

IBM QRadar SIEM Content Spoofing Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...

5.3CVSS6.5AI score0.01654EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/10 12:0 a.m.4 views

Red Hat FreeIPA Design Vulnerability

Red Hat FreeIPA is an integrated security information management solution from Red Hat, Inc. The solution provides an easy-to-manage identity, policy and audit IPA suite for Linux and Unix computer networks. A security vulnerability exists in Red Hat FreeIPA. An attacker could exploit this...

7.5CVSS7.2AI score0.01065EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2017/09/20 4:29 p.m.26 views

CVE-2015-5179

FreeIPA might display user data improperly via vectors involving non-printable characters...

7.5CVSS7.1AI score0.01065EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/09/20 4:0 p.m.20 views

CVE-2015-5179

FreeIPA might display user data improperly via vectors involving non-printable characters...

7.5AI score0.01065EPSS
Exploits1References2
CNVD
CNVD
added 2017/07/28 12:0 a.m.4 views

Zoho ManageEngine Event Log Analyzer Cross-Site Scripting Vulnerability (CNVD-2017-26266)

Zoho ManageEngine Event Log Analyzer is the United States ZhuoHao Zoho company's set of systems, event log analysis software. A cross-site scripting vulnerability exists in the search and display of event data in Zoho ManageEngine Event Log Analyzer versions 11.4 and 11.5. A remote attacker can...

6.1CVSS6AI score0.01265EPSS
Exploits1References1
NVD
NVD
added 2017/07/17 1:18 p.m.18 views

CVE-2017-1000012

MySQL Dumper version 1.24 is vulnerable to stored XSS when displaying the data in the database to the user...

6.1CVSS6AI score0.00757EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/02/03 3:53 p.m.26 views

CVE-2017-5341

Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode without -w which...

9.8CVSS1.4AI score0.05333EPSS
Exploits0References1
Citrix
Citrix
added 2016/11/03 12:0 a.m.10 views

How to Troubleshoot Citrix ADC(NetScaler) Reporting Tab Related Issues

This article describes how to troubleshoot NetScaler Reporting tab related issues. An example scenario used in this article is when users go to Reporting tab on NetScaler and it does show any data or reports...

7.1AI score
Exploits0
Fedora
Fedora
added 2013/06/18 6:22 a.m.30 views

[SECURITY] Fedora 19 Update: rrdtool-1.4.8-2.fc19

RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data i.e. network bandwidth, machine-room temperature, server load average. It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data t...

5CVSS1AI score0.10912EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.43 views

CentOS Update for firefox CESA-2008:0549 centos3 i386

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2008:0549 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

10CVSS0.3AI score0.13949EPSS
Exploits2References2
NVD
NVD
added 2006/12/27 1:28 a.m.21 views

CVE-2006-6753

Event Viewer eventvwr.exe in Microsoft Windows does not properly display log data that contains '%' percent characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not properly handled by certain...

4.1CVSS6.4AI score0.01586EPSS
Exploits0References5
CVE
CVE
added 2006/12/27 1:0 a.m.40 views

CVE-2006-6753

Event Viewer (eventvwr.exe) in Microsoft Windows is affected by a parsing issue when log data contains '%' characters. The vulnerability, as described in the CVE-2006-6753 entry, states that logs with '%' may not be displayed correctly, potentially preventing users from determining the actual dat...

4.1CVSS6.8AI score0.01586EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder