Lucene search
+L

64 matches found

NVD
NVD
added 2025/08/27 5:15 p.m.6 views

CVE-2025-20262

A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denia...

5CVSS0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/27 4:23 p.m.22 views

CVE-2025-20262 Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denia...

5CVSS0.00321EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 4:23 p.m.22 views

CVE-2025-20262

CVE-2025-20262 affects Cisco Nexus 3000/9000 NX-OS standalone in PIM6. The issue arises from improper processing of PIM6 ephemeral data queries, allowing an authenticated, low-privileged remote attacker to crash the PIM6 process and cause DoS via adjacency flaps and DoS of PIM6/ephemeral query pr...

5CVSS6.8AI score0.00321EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-39513

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...

6.1CVSS6.8AI score0.00769EPSS
Exploits1References2
Fedora
Fedora
added 2025/06/29 1:24 a.m.36 views

[SECURITY] Fedora 41 Update: salt-3007.4-4.fc41

Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...

9.6CVSS6AI score0.00982EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:15 p.m.6 views

Security Bulletin: IBM Storage Fusion is affected by exposure of information through cross-site scripting or data queries (CVE-2023-45288, CVE-2023-3978)

Summary IBM Storage Fusion Data Foundation uses HTTP to communicate. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-45288, CVE-2023-3978. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: An attacker may cause an HTTP/...

7.5CVSS7.6AI score0.91969EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/15 10:14 p.m.7 views

CVE-2025-6083

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

5.2CVSS6.4AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/13 9:6 p.m.16 views

CVE-2025-6083 ExtremeCloud Universal ZTNA Improper Authorization

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

5.2CVSS0.00205EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 6:15 p.m.6 views

CVE-2025-36575

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2025/04/02 1:15 a.m.30 views

CVE-2025-29981

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS0.00365EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/20 12:32 p.m.4 views

Excessive Data Query Operations in a Large Data Table

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Excessive Data Query Operations in a Large Data Table through the tracking and simultaneous querying of a large number of Text objects via the web API. An attacker ca...

8.7CVSS6.9AI score0.0059EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.22 views

Aim Excessive Data Query Operations in a Large Data Table vulnerability

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these...

7.5CVSS7.1AI score0.0059EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/10 12:0 a.m.6 views

The vulnerability of the WhoDB database management system lies in the insufficient neutralization of special elements in data queries, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the WhoDB database management system is related to the insufficient neutralization of special elements in data queries. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

8.6CVSS7AI score0.00543EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.7 views

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal RESTful Web Services versions 7.X-2.0 through 7.X-2.10, which stems from the inclusion of an Exposure of Sensitive Information via Data Queries...

7.5CVSS6.8AI score0.00495EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/10/04 12:15 p.m.17 views

CVE-2024-6400

Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, IMAP/SMTP Command Injection, Collect Data from Common Resource Locations. This issue solved in...

8.2CVSS5.8AI score0.0062EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.6 views

The vulnerability of the form_save() function (data_queries.php) in the Cacti network monitoring software allows a hacker to execute cross-site scripting attacks.

The vulnerability of the formsave function in the Cacti monitoring software’s dataqueries.php file is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

5.5CVSS7.7AI score0.00838EPSS
Exploits1References7Affected Software2
OSV
OSV
added 2024/07/23 12:0 a.m.7 views

UBUNTU-CVE-2024-4076

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

7.5CVSS7.2AI score0.02111EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/15 2:29 a.m.3 views

SUSE CVE-2024-31443

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in formsave function in dataqueries.php is not thoroughly checked and is used to concatenate the HTML statement in growrightpanetree function from lib/html.php , finally resulting in...

5.4CVSS6.2AI score0.00838EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2024/05/14 3:25 p.m.33 views

CVE-2024-31443

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in formsave function in dataqueries.php is not thoroughly checked and is used to concatenate the HTML statement in growrightpanetree function from lib/html.php , finally resulting in...

5.7CVSS6.7AI score0.00838EPSS
Exploits1References4
OSV
OSV
added 2024/05/14 3:25 p.m.4 views

UBUNTU-CVE-2024-31443

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in formsave function in dataqueries.php is not thoroughly checked and is used to concatenate the HTML statement in growrightpanetree function from lib/html.php , finally resulting in...

5.7CVSS7AI score0.00838EPSS
Exploits1References5
Rows per page
Query Builder