Lucene search
+L

54 matches found

osv
osv
added 2021/12/27 11:15 a.m.4 views

CVE-2021-24969

The WordPress Download Manager WordPress plugin before 3.2.22 does not sanitise and escape Template data before outputting it in various pages such as admin dashboard and frontend. Due to the lack of authorisation and CSRF checks in the wpdmsavetemplate AJAX action, any authenticated users such a...

5.4CVSS6.1AI score0.006EPSS
Exploits2References1
cnvd
cnvd
added 2021/12/07 12:0 a.m.17 views

Johnson Controls exacqVision Server Information Disclosure Vulnerability

Johnson Controls exacqVision Server is a surveillance video management software from Johnson Controls, a U.S. company. Johnson Controls is vulnerable to an information disclosure vulnerability that stems from excessive data output from the application. An attacker could use this vulnerability to...

8.3CVSS2.6AI score0.01076EPSS
Exploits0
cnnvd
cnnvd
added 2021/10/05 12:0 a.m.3 views

Emerson WirelessHART Gateway 信息泄露漏洞

Emerson WirelessHART Gateway is a type of wireless gateway from Emerson Corporation. An information disclosure vulnerability exists in Emerson WirelessHART Gateway that stems from the application outputting too much data. An attacker could use this vulnerability to gain unauthorized access to...

5.5AI score
Exploits0References3
kitploit
kitploit
added 2021/07/30 12:30 p.m.865 views

Rtl_433 - Program To Decode Radio Transmissions From Devices On The ISM Bands (And Other Frequencies)

rtl433 despite the name is a generic data receiver, mainly for the 433.92 MHz, 868 MHz SRD, 315 MHz, 345 MHz, and 915 MHz ISM bands. The official source code is in the https://github.com/merbanan/rtl433/ repository. For more documentation and related projects see the https://triq.org/ site. It...

7.5AI score
Exploits0References7
cnvd
cnvd
added 2021/06/29 12:0 a.m.41 views

Linux kernel information disclosure vulnerability (CNVD-2021-60526)

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable due to an excessive amount of data output in the Linux kernel functions, which allows user-state applications to read the contents of a sigpage, thereby leaking the contents o...

4CVSS2AI score0.00496EPSS
Exploits1References1
nessus
nessus
added 2021/03/11 12:0 a.m.56 views

Security Update for Microsoft Power BI Report Server (March 2021)

An information disclosure vulnerability exists in Microsoft Power BI Report Server due to excessive data output by the application in Microsoft Power BI. An authenticated, remote attacker can exploit this, to disclose potentially sensitive information. Note that Nessus has not tested for this iss...

7.7CVSS7.4AI score0.02839EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2020/07/03 12:0 a.m.12 views

PT-2022-9681

Name of the Vulnerable Software and Affected Versions: kubernetes affected versions not specified Description: The issue is related to the handling of raw data output to a terminal by kubectl. Specifically, it does not neutralize escape, meta, or control sequences contained in this data. This...

8.8CVSS8.1AI score0.99999EPSS
Exploits26References146
cnvd
cnvd
added 2020/05/06 12:0 a.m.2 views

BTC Public Chain Portfolio Output Overflow

The BTC public chain is an Ethernet-based public chain. There is a data output overflow vulnerability in the public chain portfolio. An attacker can exploit the vulnerability to not pay or underpay an amount...

7.1AI score
Exploits0
ubuntucve
ubuntucve
added 2018/01/10 3:29 p.m.33 views

CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6.1CVSS6.6AI score0.06093EPSS
Exploits0References2
osv
osv
added 2018/01/10 3:29 p.m.33 views

CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6.1CVSS6.1AI score0.06093EPSS
Exploits0References5
cvelist
cvelist
added 2018/01/10 3:0 p.m.23 views

CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6AI score0.06093EPSS
Exploits0References5
veracode
veracode
added 2016/12/12 7:41 a.m.30 views

Cross-site Scripting (XSS)

Apache ActiveMQ is vulnerable to cross-site scripting. It is caused by improper user data output validation in the web based administration console...

6.1CVSS6.2AI score0.06093EPSS
Exploits0References3Affected Software1
n0where
n0where
added 2015/05/08 2:41 p.m.27 views

focused Web Crawler: ACHE

ACHE is a focused Web crawler that can be customized to search for pages the belong to a given topic or have a given property. To configure ACHE, you need to: define a topic of interest e.g., Ebola, terrorism, cooking recipes; create a model to detect Web pages that belong to this topic; and...

0.8AI score
Exploits0References2
redos
redos
added 1976/01/01 12:0 a.m.12 views

ROS-2-1459

2.1459 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.4AI score0.01157EPSS
Exploits0
Rows per page
Query Builder