Lucene search
+L

25 matches found

nvd
nvd
added 2026/05/30 4:16 p.m.19 views

CVE-2018-25405

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters to extract...

8.8CVSS0.0027EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/04/21 12:0 a.m.9 views

Oracle Financial Services Analytical Applications Infrastructure 安全漏洞

Oracle Financial Services Analytical Applications Infrastructure is a financial data analysis and modeling platform developed by Oracle Corporation. Versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 of Oracle Financial Services Analytical Applications Infrastructure contain security vulnerabilities. These...

4.8CVSS7.2AI score0.00196EPSS
Exploits0References2
osv
osv
added 2026/02/27 11:53 a.m.4 views

SUSE-SU-2026:0685-1 Security update for valkey

This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. - CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788...

8.5CVSS5.8AI score0.00586EPSS
Exploits0References5
patchstack
patchstack
added 2025/10/28 5:27 a.m.12 views

WordPress Soledad theme <= 8.7.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Soledad versions = 8.7.0...

7.5CVSS7AI score0.00333EPSS
Exploits0Affected Software1
nvd
nvd
added 2025/05/05 6:15 a.m.28 views

CVE-2025-3583

The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00274EPSS
Exploits1References1
osv
osv
added 2024/03/18 9:7 p.m.5 views

CVE-2024-23333 LAM vulnerable to Authenticated Remote Code Execution

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

7.9CVSS7.7AI score0.17868EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/03/18 12:0 a.m.10 views

PT-2024-19815

Name of the Vulnerable Software and Affected Versions LDAP Account Manager LAM versions prior to 8.7 Description LDAP Account Manager LAM is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. An attacker could...

7.9CVSS7.9AI score0.17868EPSS
Exploits0References18
cnnvd
cnnvd
added 2024/01/16 12:0 a.m.9 views

HYPR Buffer Error Vulnerability

HYPR is a security application from HYPR that implements passwordless security. A security vulnerability exists in HYPR versions prior to 8.7 that stems from a buffer overflow due to improperly restricted operations within a memory buffer range...

7.8CVSS7.2AI score0.00147EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/01/16 12:0 a.m.6 views

HYPR Input Validation Error Vulnerability

HYPR is a security application from HYPR that implements passwordless security. A security vulnerability exists in HYPR versions prior to 8.7 that stems from the inclusion of incorrect input validation that results in path traversal...

7CVSS6.7AI score0.00187EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/01/16 12:0 a.m.6 views

PT-2024-14933 · Hypr · Hypr Workforce Access

Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Link Resolution Before File Access, also known as 'Link Following', which allows User-Controlled Filename. This affects HYPR Workforce Access on MacO...

7.8CVSS7.4AI score0.00165EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/01/16 12:0 a.m.6 views

HYPR Backlink Vulnerability

HYPR is a security application from HYPR that implements password-less security. A security vulnerability exists in HYPR Workforce Access prior to version 8.7 that stems from an incorrectly resolved file access link that allows a user to take control of a file name...

7.8CVSS6.7AI score0.00165EPSS
Exploits0References2
cnnvd
cnnvd
added 2023/10/04 12:0 a.m.4 views

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 8.7.00.1, which stems from improper authorization of Samsung Assistant PushMsgReceive...

5.4CVSS6.7AI score0.0024EPSS
Exploits0References2
osv
osv
added 2023/07/19 5:15 a.m.4 views

CVE-2023-3759

A vulnerability, which was classified as critical, was found in Intergard SGS 8.7.0. Affected is an unknown function. The manipulation leads to permission issues. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this...

9.8CVSS5.3AI score0.00775EPSS
Exploits1References3
susecve
susecve
added 2023/02/15 4:53 a.m.6 views

SUSE CVE-2016-20012

OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE...

5.3CVSS8.2AI score0.05326EPSS
Exploits1References3
cnnvd
cnnvd
added 2022/11/28 12:0 a.m.4 views

IBM Maximo Mobile 安全漏洞

IBM Maximo Mobile is a generation of mobile application platform from International Business Machines IBM. A security vulnerability exists in IBM Maximo Mobile versions 8.7 and 8.8 that stems from storing user credentials in plaintext...

6.2CVSS5.7AI score0.00166EPSS
Exploits0References3
osv
osv
added 2022/05/26 5:15 p.m.7 views

CVE-2021-33016

An attacker can gain full access read/write/delete to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS...

9.8CVSS5.8AI score0.00912EPSS
Exploits0References1
ncsc
ncsc
added 2021/11/05 12:0 a.m.64 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Access to system data GitLab categorize...

8.7CVSS7.5AI score0.60729EPSS
Exploits2
osv
osv
added 2021/10/12 4:15 p.m.3 views

CVE-2021-37734

A remote unauthorized read access to files vulnerability was discovered in Aruba Instant versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 a...

6.5CVSS5.8AI score0.00946EPSS
Exploits0References2
osv
osv
added 2021/09/15 8:15 p.m.4 views

UBUNTU-CVE-2016-20012

OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE...

5.3CVSS7.2AI score0.05326EPSS
Exploits1References6
cnvd
cnvd
added 2019/06/26 12:0 a.m.4 views

HP Support Assistant elevation of privilege vulnerability (CNVD-2019-23307)

HP Support Assistant is a utility program included in all HP computers to diagnose technical problems and manage updates. An elevation of privilege vulnerability exists in HP Support Assistant 8.7.50 and earlier versions. An attacker could use this vulnerability to gain system privileges and make...

7.8CVSS7.3AI score0.00733EPSS
Exploits0References1
Rows per page
Query Builder