
27 matches found

OSV
added 2022/04/07 8:15 p.m. · 1 view

CVE-2021-36202

Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions prior to 10.1.5; All 11 versions prior to 11.0....

CVSS 8.8 · AI score 7.4 · EPSS 0.0019
Exploits: 0 · References: 2
NVD
added 2022/02/09 10:15 p.m. · 12 views

CVE-2022-23620

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions, AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when serializing them on the filesystem; it is possible for the HTML...

CVSS 6.8 · EPSS 0.00307
Exploits: 0 · References: 3
Prion
added 2022/02/09 10:15 p.m. · 16 views

Design/Logic Flaw

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions, AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when serializing them on the filesystem; it is possible for the HTML...

CVSS 5.8 · AI score 5.4 · EPSS 0.00307
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2022/02/09 9:15 p.m. · 15 views

CVE-2022-23620 Path traversal in xwiki-platform-skin-skinx

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions, AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when serializing them on the filesystem; it is possible for the HTML...

CVSS 6.8 · AI score 6.7 · EPSS 0.00307
Exploits: 0 · References: 3
Positive Technologies
added 2021/04/26 12:0 a.m. · 10 views

PT-2021-18239 · Hedgedoc · Hedgedoc

Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.5.0
Description: The issue affects HedgeDoc, an open-source collaborative markdown editor, where an attacker can receive arbitrary files from the file system when exporting a note to PDF. This exploit requires the...

CVSS 10 · AI score 9.3 · EPSS 0.00259
Exploits: 0 · References: 4
OSV
added 2019/06/17 8:15 p.m. · 1 view

CVE-2018-19449

A File Write can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. An attacker can leverage this to gain remote code execution...

CVSS 7.8 · AI score 6 · EPSS 0.00312
Exploits: 1 · References: 1
BDU FSTEC
added 2019/05/06 12:0 a.m. · 0 views

The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite antivirus tool allows a hacker to gain access to protected information.

The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite antivirus tool is related to deficiencies in the document export mechanism. Exploiting this vulnerability allows a malicious actor to obtain information about the installed components of the...

CVSS 4.3 · AI score 5.5
Exploits: 0 · Affected Software: 1