Lucene search
K

21 matches found

EUVD
EUVD
added 2026/06/26 3:32 p.m.5 views

EUVD-2026-39778

Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...

6.8CVSS5.8AI score0.00325EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Spacelabs Healthcare Sentinel 安全漏洞

Spacelabs Healthcare Sentinel is a cardiology information management system developed by Spacelabs Healthcare in the United States. Vulnerabilities exist in Spacelabs Healthcare Sentinel versions 10.5.x and later, as well as versions 11.6.0 and earlier under the 11.x.x range. These vulnerabilitie...

9.8CVSS6.3AI score0.00664EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/17 7:41 p.m.6 views

EUVD-2026-12627

GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue...

6.5CVSS5.8AI score0.00339EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The solution supports mobile content management, marketing and sales campaign management, and multi-site management. A...

5.4CVSS5.7AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:46 a.m.18 views

CVE-2023-3124

The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the updatepageoption function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update...

8.8CVSS6.5AI score0.2272EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:49 p.m.8 views

CVE-2022-22579

An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL file may lead to unexpected application...

9.3CVSS6.3AI score0.01688EPSS
Exploits0References1
OSV
OSV
added 2023/06/23 1:15 p.m.4 views

CVE-2023-29100

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Dream-Theme The7 plugin = 11.6.0 versions...

6.1CVSS7.3AI score0.00382EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/17 12:0 a.m.6 views

PT-2023-25325 · Sugarcrm · Sugarcrm Enterprise

Name of the Vulnerable Software and Affected Versions: SugarCRM Enterprise versions prior to 11.0.6 SugarCRM Enterprise versions 12.x prior to 12.0.3 Description: An Unrestricted File Upload issue has been identified in the Notes module due to missing input validation. This allows custom PHP code...

8.8CVSS7.5AI score0.01255EPSS
Exploits2References7
CNVD
CNVD
added 2023/05/30 12:0 a.m.7 views

SeaCMS Denial of Service Vulnerability (CNVD-2024-37629)

SeaCMS is designed to solve the core needs of station owners and content management system, a set of programs to adapt to computers, cell phones, tablets, APP multiple terminal entrances, without any encryption code, safe and secure, is the best station building tools. SeaCMS 11.6 version of the...

6.5CVSS6.7AI score0.0087EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.6 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in WWBN AVideo version 11.6. An attacker exploits the vulnerability to access and take over resources via specially crafted HTTP requests...

5CVSS5.4AI score0.00665EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.2 views

WWBN AVideo SQL注入漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. WWBN AVideo version 11.6 suffers from a SQL injection vulnerability that stems from a sql injection vulnerability in the ObjectYPT function. An attacker can use this vulnerability to cause an sql injection via a specially...

8.8CVSS8AI score0.01636EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.4 views

WWBN AVideo SQL注入漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. WWBN AVideo version 11.6 suffers from a SQL injection vulnerability that stems from a sql injection vulnerability in the ObjectYPT function. An attacker can use this vulnerability to cause an sql injection via a specially...

8.8CVSS8AI score0.00973EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.3 views

WWBN AVideo 跨站脚本漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A cross-site scripting vulnerability exists in WWBN AVideo version 11.6. An attacker can exploit this vulnerability to execute arbitrary Javascript via a specially crafted HTTP request...

9.6CVSS7.7AI score0.83583EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.3 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in WWBN AVideo version 11.6, which stems from a missing HttpOnly flag in the session cookie and pass cookie, which can disclose sensitive information...

7.5CVSS7.5AI score0.01983EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/06/20 12:0 a.m.7 views

PT-2022-14124 · WordPress · Very Simple Contact Form

Name of the Vulnerable Software and Affected Versions: Very Simple Contact Form WordPress plugin versions prior to 11.6 Description: The issue allows bots to bypass the captcha check by exposing the solution in the rendered contact form as hidden input fields and plain text, making the page a...

7.5CVSS7.5AI score0.01191EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.6 views

HCL Technologies HCL Sametime 安全漏洞

HCL Sametime, a conferencing solution from HCL Technologies, has a security vulnerability in HCL Technologies HCL Sametime version 11.6 that could be exploited by attackers to conduct clickjacking attacks in conference chats...

4.3CVSS5.2AI score0.00438EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.7 views

SeaCMS 安全漏洞

SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 11.6, which stems from the discovery of a Remote Command Execution RCE vulnerability containing a...

7.2CVSS7.1AI score0.02091EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/05 12:0 a.m.8 views

Wwbn Avideo 跨站脚本漏洞

Wwbn Avideo is a video platform builder written in PHP by the Wwbn WWBN team. A security vulnerability exists in objects/function.php in the function getDeviceID in Wwbn Avideo before 11.6, which allows an attacker to view /include/head.php with the yptDevice parameter...

6.1CVSS6.3AI score0.00597EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/04 12:0 a.m.9 views

PT-2022-15910 · Netapp · Storagegrid

Name of the Vulnerable Software and Affected Versions: StorageGRID formerly StorageGRID Webscale versions prior to 11.6.0 Description: The issue allows disabled, expired, or locked external user accounts to access S3 data to which they previously had access. In StorageGRID 11.6.0, the user accoun...

4.9CVSS5AI score0.00753EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/03/10 12:0 a.m.18 views

PT-2021-2432 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.11.6 Description: The issue is related to the rtw wx set scan function in the Linux kernel, which allows writing beyond the end of the -ssid array. This can lead to a buffer overflow in memory. The exploitation...

9.8CVSS7.6AI score0.89063EPSS
Exploits212References1210
Rows per page
Query Builder