Lucene search
K

200 matches found

Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.46 views

Amazon Linux 2 : docker (ALASECS-2024-041)

The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-041 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read man...

10CVSS7AI score0.02983EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/07/23 12:0 a.m.5 views

WordPress plugin Request a Quote 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

5.9CVSS6AI score0.00369EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.6 views

Fortinet FortiExtender 访问控制错误漏洞

Fortinet FortiExtender is a wireless WAN wide area network extender device from Fortinet. An Access Control Error vulnerability exists in Fortinet FortiExtender, which stems from the presence of improper access control and can be exploited by an attacker to create a user with elevated privileges...

8.8CVSS6.8AI score0.0064EPSS
Exploits0References2
OSV
OSV
added 2024/07/09 12:0 a.m.3 views

UBUNTU-CVE-2024-38081

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability...

7.3CVSS5.8AI score0.01292EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.5 views

WordPress Plugin EazyDocs Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.8CVSS6AI score0.00397EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/06/26 12:0 a.m.3 views

WordPress Plugin Video Widget Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

4.8CVSS6AI score0.00399EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.4 views

WordPress plugin Gianism 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.8CVSS5.8AI score0.00372EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/05/23 12:0 a.m.4 views

WordPress plugin Pet Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.8CVSS5.8AI score0.00351EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.6 views

Veeam Backup Enterprise Manager 安全漏洞

Veeam Backup Enterprise Manager is a centralized management and monitoring tool from Veeam USA. A security vulnerability exists in Veeam Backup Enterprise Manager that originates from allowing an elevated privilege user to read backup session logs...

2.7CVSS4.5AI score0.0053EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.7 views

WordPress Plugin Survey Maker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS5.9AI score0.00422EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.3 views

SolarWinds Serv-U FTP Server 日志信息泄露漏洞

SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the U.S. company SolarWinds. A log information disclosure vulnerability exists in SolarWinds Serv-U FTP Server 15.4.2 and earlier versions, which stems from log file path labels that are not properly cleaned up,...

5.7CVSS6.3AI score0.00638EPSS
Exploits0References3
NVD
NVD
added 2024/04/15 10:15 a.m.15 views

CVE-2024-22437

A potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system...

7.3CVSS7.4AI score0.00181EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 9:21 a.m.60 views

CVE-2024-22437

CVE-2024-22437 affects HPE MSA SAN Storage VSS Provider and CAPI Proxy software. Vulnerability allows elevation of privilege on affected MSA storage products via a local attack with low privileges and required user interaction. Impact is reported as high for confidentiality, integrity, and availa...

7.3CVSS7.1AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.5 views

WordPress Plugin Everest Backup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS8.4AI score0.00649EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

SAP Asset Accounting 安全漏洞

SAP Asset Accounting is an asset accounting program from SAP, Germany. It is used to manage and monitor fixed assets. A security vulnerability exists in SAP Asset Accounting that stems from allowing an elevated-privilege attacker to exploit insufficient authentication of user-supplied path...

7.2CVSS6.6AI score0.00726EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.28 views

SUSE SLES15 Security Update : docker (SUSE-SU-2024:0586-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0586-2 advisory. Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on...

10CVSS7.2AI score0.02983EPSS
Exploits0References10
CVE
CVE
added 2024/01/31 10:3 p.m.426 views

CVE-2024-23653

CVE-2024-23653 involves BuildKit allowing a container with elevated privileges via interactive APIs unless entitlement checks are enforced. Description notes that privileged containers are normally gated by security.insecure entitlement and user authorization, and that the issue has been fixed in...

9.8CVSS9.3AI score0.02983EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/01/29 12:0 a.m.4 views

WordPress plugin Wp-Adv-Quiz security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...

4.8CVSS6.1AI score0.00402EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.3 views

WordPress plugin EventON security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.8CVSS6.7AI score0.0043EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.6 views

WordPress Plugin User Registration Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS6.1AI score0.00562EPSS
Exploits2References2
Rows per page
Query Builder