Lucene search
+L

48 matches found

redhatcve
redhatcve
added 2025/05/22 8:37 a.m.6 views

CVE-2019-20153

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM in v5.4. An XML external entity XXE vulnerability in the upload definition feature in definitionuploadattach.jsp allows authenticated remote attackers to read arbitrary files including configuration files...

4.9CVSS7AI score0.01201EPSS
Exploits1References1
susecve
susecve
added 2025/01/14 12:23 a.m.4 views

SUSE CVE-2024-52333

An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS6.8AI score0.0061EPSS
Exploits1References5
osv
osv
added 2025/01/13 3:15 p.m.2 views

DEBIAN-CVE-2024-52333

An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS6.9AI score0.0061EPSS
Exploits1References1
fedora
fedora
added 2024/06/05 1:41 a.m.14 views

[SECURITY] Fedora 40 Update: qt5-qtlocation-5.15.14-1.fc40

The Qt Location and Qt Positioning APIs gives developers the ability to determine a position by using a variety of possible sources, including satellite, or wifi, or text file, and so on...

9.8CVSS6.4AI score0.0097EPSS
Exploits0
cvelist
cvelist
added 2023/10/30 4:56 p.m.35 views

CVE-2023-21316

In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6AI score0.00086EPSS
Exploits0References1
cnvd
cnvd
added 2021/04/06 12:0 a.m.25 views

Atlassian Jira Server and Data Center has an unspecified vulnerability

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia, Atlassian JIRA Server is a server version of a defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA, which is a security vulnerability that could be...

5.3CVSS4.9AI score0.01591EPSS
Exploits0References1
nvd
nvd
added 2020/01/05 11:15 p.m.18 views

CVE-2019-20155

An issue was discovered in reportedit.jsp in Determine formerly Selectica Contract Lifecycle Management CLM v5.4. Any authenticated user may execute Groovy code when generating a report, resulting in arbitrary code execution on the underlying server...

9CVSS8.8AI score0.02467EPSS
Exploits1References1
nvd
nvd
added 2020/01/05 11:15 p.m.16 views

CVE-2019-20153

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM in v5.4. An XML external entity XXE vulnerability in the upload definition feature in definitionuploadattach.jsp allows authenticated remote attackers to read arbitrary files including configuration files...

4.9CVSS5.2AI score0.01201EPSS
Exploits1References1
nvd
nvd
added 2020/01/05 11:15 p.m.14 views

CVE-2019-20154

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM v5.4. A cross-site scripting XSS vulnerability in multiple getchart.jsp parameters allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6AI score0.00806EPSS
Exploits1References1
prion
prion
added 2020/01/05 11:15 p.m.13 views

Code injection

An issue was discovered in reportedit.jsp in Determine formerly Selectica Contract Lifecycle Management CLM v5.4. Any authenticated user may execute Groovy code when generating a report, resulting in arbitrary code execution on the underlying server...

9CVSS8.8AI score0.02467EPSS
Exploits1References1Affected Software1
prion
prion
added 2020/01/05 11:15 p.m.17 views

Xxe

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM in v5.4. An XML external entity XXE vulnerability in the upload definition feature in definitionuploadattach.jsp allows authenticated remote attackers to read arbitrary files including configuration files...

4CVSS5.2AI score0.01201EPSS
Exploits1References1Affected Software1
prion
prion
added 2020/01/05 11:15 p.m.12 views

Cross site scripting

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM v5.4. A cross-site scripting XSS vulnerability in multiple getchart.jsp parameters allows remote attackers to inject arbitrary web script or HTML...

4.3CVSS6AI score0.00806EPSS
Exploits1References1Affected Software1
cve
cve
added 2020/01/05 10:23 p.m.83 views

CVE-2019-20155

CVE-2019-20155 affects Determine CLM v5.4 (report_edit.jsp). The issue allows an authenticated user to cause Groovy code execution on the server during report generation, enabling arbitrary code execution. Affected component is the report generation flow in report_edit.jsp; root cause is code exe...

9CVSS8.8AI score0.02467EPSS
Exploits1References1Affected Software1
cve
cve
added 2020/01/05 10:15 p.m.65 views

CVE-2019-20154

Determine Contract Lifecycle Management (CLM) v5.4 contains a Cross‑Site Scripting (XSS) vulnerability in multiple getchart.jsp parameters, enabling remote attackers to inject arbitrary web script or HTML. The affected component is CLM 5.4; root cause stems from inadequate input validation in get...

6.1CVSS5.9AI score0.00806EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2020/01/05 10:12 p.m.16 views

CVE-2019-20153

An issue was discovered in Determine formerly Selectica Contract Lifecycle Management CLM in v5.4. An XML external entity XXE vulnerability in the upload definition feature in definitionuploadattach.jsp allows authenticated remote attackers to read arbitrary files including configuration files...

5.2AI score0.01201EPSS
Exploits1References1
cve
cve
added 2020/01/05 10:12 p.m.81 views

CVE-2019-20153

CVE-2019-20153 concerns Determine Contract Lifecycle Management (CLM) v5.4, where an XML External Entity (XXE) flaw in the upload definition feature (definition_upload_attach.jsp) allows authenticated remote attackers to read arbitrary files, including configuration files with administrative cred...

4.9CVSS5.1AI score0.01201EPSS
Exploits1References1Affected Software1
cnvd
cnvd
added 2020/01/05 12:0 a.m.2 views

Determine Contract Lifecycle Management Cross-Site Scripting Vulnerability

Determine Contract Lifecycle Management CLM is a suite of enterprise contract lifecycle management solutions from Determine Corporation. A cross-site scripting vulnerability exists in the getchart.jsp file in Determine CLM version 5.4, which stems from the lack of proper validation of client-side...

6.1CVSS6.4AI score0.00806EPSS
Exploits1References1
cnvd
cnvd
added 2020/01/05 12:0 a.m.2 views

Determine Contract Lifecycle Management XML External Entity Injection Vulnerability

Determine Contract Lifecycle Management CLM is a suite of enterprise contract lifecycle management solutions from Determine Corporation. An XML external entity injection vulnerability exists in the definitionuploadattach.jsp file in Determine CLM version 5.4, which can be exploited by an attacker...

4.9CVSS7.3AI score0.01201EPSS
Exploits1References1
debiancve
debiancve
added 2018/06/01 12:0 p.m.38 views

CVE-2018-11645

psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977...

5.3CVSS8.1AI score0.02582EPSS
Exploits0
zdt
zdt
added 2017/06/29 12:0 a.m.74 views

Linux Kernel - offset2lib Stack Clash Exploit

Exploit for linux platform in category local exploits / Linuxoffset2lib.c for CVE-2017-1000370 and CVE-2017-1000371 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...

4.4CVSS5.6AI score0.02428EPSS
Exploits17
Rows per page
Query Builder