Lucene search
+L

92 matches found

bdu_fstec
bdu_fstec
added 2024/04/02 12:0 a.m.5 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00427EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2024/04/02 12:0 a.m.10 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00427EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2024/03/27 1:1 p.m.31 views

CVE-2024-27091 GeoNode stored XSS to full account takeover

GeoNode is a geospatial content management system, a platform for the management and publication of geospatial data. An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set securely, but it is possible to retrieve a victims...

6.1CVSS6.5AI score0.00376EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/03/13 12:0 a.m.6 views

CKAN Log Information Disclosure Vulnerability

CKAN is an open source Dms data management system. It is used to power data centers and data portals. A security vulnerability exists in CKAN 2.0 and later versions that stems from a log injection vulnerability in the reset user endpoint...

5.3CVSS7.1AI score0.00434EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2024/01/11 12:0 a.m.6 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00562EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2024/01/11 12:0 a.m.7 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to execute XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2024/01/06 12:0 a.m.5 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2024/01/05 12:0 a.m.8 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.5AI score0.00603EPSS
Exploits1References3Affected Software1
bdu_fstec
bdu_fstec
added 2024/01/02 12:0 a.m.8 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/21 12:0 a.m.6 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks based on DOM...

5.5CVSS5.9AI score0.00597EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/19 12:0 a.m.6 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/19 12:0 a.m.7 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/19 12:0 a.m.5 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/19 12:0 a.m.7 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

4.8CVSS6.3AI score0.00597EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/18 12:0 a.m.11 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS6.3AI score0.00597EPSS
Exploits0References3Affected Software1
cve
cve
added 2023/12/13 8:47 p.m.56 views

CVE-2023-50248

CKAN vulnerability CVE-2023-50248 affects versions 2.0.0 up to prior to 2.9.10 and 2.10.3. When a user with dataset-create/edit permissions submits a POST to /dataset/new with a specially crafted field (auth cookie or Authorization header), the hosting server can trigger an out-of-memory error. T...

6.5CVSS5.4AI score0.00576EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/12/13 8:47 p.m.27 views

CVE-2023-50248 CKAN out of memory error when submitting the dataset form with a specially-crafted field

CKAN is an open-source data management system for powering data hubs and data portals. Starting in version 2.0.0 and prior to versions 2.9.10 and 2.10.3, when submitting a POST request to the /dataset/new endpoint including either the auth cookie or the Authorization header with a specially-craft...

4.5CVSS6.6AI score0.00576EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/12/13 12:0 a.m.6 views

CKAN Security Vulnerabilities

CKAN is an open source Dms data management system. It is used to power data centers and data portals. CKAN has a security vulnerability that stems from the fact that an attacker can create an out of memory error in the hosting server...

6.5CVSS6.8AI score0.00576EPSS
Exploits0References3
cvelist
cvelist
added 2023/05/30 6:33 p.m.21 views

CVE-2023-32696 Excessive permissions for ckan user

CKAN is an open-source data management system for powering data hubs and data portals. Prior to versions 2.9.9 and 2.10.1, the ckan user equivalent to www-data owned code and configuration files in the docker container and the ckan user had the permissions to use sudo. These issues allowed for co...

8.8CVSS9.3AI score0.00794EPSS
Exploits0References2
cvelist
cvelist
added 2023/05/26 10:57 p.m.50 views

CVE-2023-32321 CKAN remote code execution and private information access via crafted resource ids

CKAN is an open-source data management system for powering data hubs and data portals. Multiple vulnerabilities have been discovered in Ckan which may lead to remote code execution. An arbitrary file write in resourcecreate and packageupdate actions, using the ResourceUploader object. Also...

9.8CVSS10AI score0.01684EPSS
Exploits0References2
Rows per page
Query Builder