Lucene search
K

335 matches found

ATTACKERKB
ATTACKERKB
added 2023/11/14 5:15 a.m.4 views

CVE-2023-43902

Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows unauthenticated attackers to access accounts of all registered users, including those with administrator privileges via a crafted password reset token...

9.8CVSS5.9AI score0.00857EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/11/07 8:52 a.m.6 views

qt: Uninitialized variable usage in m_unitsPerEm

A vulnerability was found in qt. The security flaw occurs due to uninitialized variable usage in munitsPerEm...

6.5CVSS7.3AI score0.00877EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2023/10/18 7:36 p.m.9 views

casa-em-portugal.pt Cross Site Scripting vulnerability OBB-3753875

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OSV
OSV
added 2023/09/02 11:5 a.m.4 views

OESA-2023-1580 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

6.5CVSS6.8AI score0.00877EPSS
Exploits0References2
OSV
OSV
added 2023/08/26 11:5 a.m.4 views

OESA-2023-1547 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

6.5CVSS6.8AI score0.00877EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2023/05/21 9:28 p.m.6 views

casa-em-portugal.com Cross Site Scripting vulnerability OBB-3357016

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OSV
OSV
added 2023/05/10 6:15 a.m.5 views

AZL-26670 CVE-2023-32573 affecting package qt5-qtsvg for versions less than 5.15.9-1

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

6.5CVSS7AI score0.00877EPSS
Exploits0References1
OSV
OSV
added 2023/05/10 6:15 a.m.2 views

DEBIAN-CVE-2023-32573

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

6.5CVSS6.2AI score0.00877EPSS
Exploits0References1
OSV
OSV
added 2023/05/10 6:15 a.m.6 views

UBUNTU-CVE-2023-32573

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

6.5CVSS6.9AI score0.00877EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.5 views

Qt 数字错误漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

6.5CVSS6.8AI score0.00877EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.6 views

SUSE CVE-2015-2646

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via...

4.3CVSS6.3AI score0.01957EPSS
Exploits0References4
CVE
CVE
added 2023/01/03 11:0 a.m.65 views

CVE-2022-4871

CVE-2022-4871 affects nflpick-em.com up to version 2.2.x. The vulnerability is in the _Load_Users function of html/includes/runtime/admin/JSON/LoadUsers.php, where manipulating the sort parameter enables SQL injection. The administrative JSON entrypoint is required for exploitation, and remote in...

7.2CVSS6.2AI score0.00651EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:8 p.m.3 views

Malicious code in babel-plugin-svg-em-dimensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9313bfc7ff221388bac4316b84a9101c98eeb6b714f66930ec782a9ef19c4ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.10 views

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800, related to the use of rigidly encrypted accounting data, allows a perpetrator to increase their privileges.

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to the use of rigidly encrypted accounting data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.11 views

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to incorrect default access rights settings, allowing a perpetrator to execute arbitrary codes.

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to incorrect default access rights settings. Exploiting this vulnerability could allow an attacker to execute arbitrary code with privileges of SYSTEM...

7.8CVSS6AI score
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2022/02/02 8:23 a.m.8 views

em-consulte.com Cross Site Scripting vulnerability OBB-2355489

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2021-0172)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.5AI score0.00905EPSS
Exploits1References4
Openbugbounty
Openbugbounty
added 2021/10/31 5:8 p.m.5 views

em-stede.eu Improper Access Control vulnerability OBB-2219496

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.10 views

The vulnerability of the Bluetooth Classic microprogramming device implementation for CC256xCQFN-EM devices allows a intruder to cause a service failure.

The vulnerability of the Bluetooth Classic microprogramming device implementation for CC256xCQFN-EM devices is related to overflow errors in dynamic memory buffers. Exploiting this vulnerability can allow a remote attacker to cause the device to fail to perform its functions...

6.5CVSS6.6AI score0.00581EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/10/08 12:0 a.m.6 views

The vulnerability of the Bluetooth Classic microprogramming device implementation for CC256xCQFN-EM devices allows a intruder to cause a service failure.

The vulnerability of the Bluetooth Classic microprogramming device implementation for CC256xCQFN-EM devices is related to overflow errors in dynamic memory buffers. Exploiting this vulnerability can allow a remote attacker to cause the device to fail to perform its functions...

6.5CVSS6.7AI score0.00504EPSS
Exploits0References5
Rows per page
Query Builder