
9 matches found

EUVD
added 4 days ago | 7 views

EUVD-2026-41008

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.23 before v.4.8.3.1...

CVSS: 6.4 | AI score: 5.8 | EPSS: 0.00148
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/05/15 2:40 p.m. | 11 views

Security Bulletin: A vulnerability in the Axios package affects IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary Security Bulletin: A vulnerability in the Axios package affects IBM® Db2® Big SQL 8 and earlier on IBM Cloud Pak for Data 5.3.1 and earlier. Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 a...

CVSS: 7.5 | AI score: 7 | EPSS: 0.02591
Exploits: 1 | Affected Software: 1

Tenable Nessus
added 2026/03/10 12:00 a.m. | 5 views

Oracle Linux 10 : mysql8.4 (ELSA-2026-4162)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4162 advisory. 8.4.8-1 - Rebase to 8.4.8 8.4.7-2 - Skip tests that are failing on Konflux - Resolves: ROK-831 Tenable has extracted the preceding description block...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.00337
Exploits: 0 | References: 7

ATTACKERKB
added 2026/01/29 2:28 p.m. | 6 views

CVE-2020-37020

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

CVSS: 8.5 | AI score: 6.1 | EPSS: 0.00121
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2025/01/23 12:00 a.m. | 4 views

PT-2025-1271 · Fastify · Fastify-Multipart

Name of the Vulnerable Software and Affected Versions: @fastify/multipart versions prior to 8.3.1 and 9.0.3 Description: The issue is related to the saveRequestFiles function in the @fastify/multipart plugin for Fastify, which fails to delete uploaded temporary files when a user cancels a request...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00552
Exploits: 0 | References: 9

CNNVD
added 2023/07/11 12:00 a.m. | 4 views

SuiteCRM Cross-Site Request Forgery Vulnerability

SuiteCRM is an open source enterprise-level customer relationship management CRM software application. A cross-site request forgery vulnerability exists in SuiteCRM versions prior to 8.3.1, which can be exploited by an attacker to spoof a user's identity and send malicious requests...

CVSS: 8.8 | AI score: 6.7 | EPSS: 0.00302
Exploits: 1 | References: 3

OSV
added 2020/08/17 1:15 p.m. | 3 views

CVE-2020-4686

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

CVSS: 8.1 | AI score: 5.8 | EPSS: 0.01578
Exploits: 0 | References: 2

OSV
added 2018/10/31 10:29 p.m. | 4 views

CVE-2018-15707

Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things...

CVSS: 5.4 | AI score: 5.6
Exploits: 0 | References: 2

CNVD
added 2016/04/08 12:00 a.m. | 3 views

NetApp Clustered Data ONTAP Man-in-the-Middle Attack Vulnerability

NetApp Data ONTAP is the data management platform. A security vulnerability exists in NetApp Clustered Data ONTAP 8.3.1 due to failure to properly validate the x.509 certificate of the TLS server. A man-in-the-middle attacker could exploit this vulnerability via a constructed certificate to spoof...

CVSS: 6.8 | AI score: 6.6 | EPSS: 0.00584
Exploits: 0 | References: 1