Lucene search
K

13 matches found

CNNVD
CNNVD
added 2026/05/02 12:0 a.m.10 views

WordPress plugin Gravity Forms 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.2CVSS5.8AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 3:2 a.m.29 views

CVE-2026-23686 CRLF Injection vulnerability in SAP NetWeaver Application Server Java

Due to a CRLF Injection vulnerability in SAP NetWeaver Application Server Java, an authenticated attacker with administrative access could submit specially crafted content to the application. If processed by the application, this content enables injection of untrusted entries into generated...

3.4CVSS0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-5162

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.01268EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-0479

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00855EPSS
Exploits0References4
OSV
OSV
added 2023/04/11 5:15 p.m.3 views

CVE-2022-43955

An improper neutralization of input during web page generation CWE-79 in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross si...

6.1CVSS5.3AI score0.00642EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.5 views

springframework: malicious input leads to insertion of additional log entries

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...

4.3CVSS6.8AI score0.01268EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/01/12 11:4 p.m.70 views

Log entry injection in Spring Framework

In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more...

4.3CVSS3.2AI score0.00855EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/01/12 11:4 p.m.3 views

GHSA-6GF2-PVQW-37PH Log entry injection in Spring Framework

In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more...

4.3CVSS7.1AI score0.00855EPSS
Exploits0References3
OSV
OSV
added 2021/10/28 4:15 p.m.4 views

DEBIAN-CVE-2021-22096

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...

4.3CVSS6.2AI score0.01268EPSS
Exploits0References1
OSV
OSV
added 2019/12/11 10:7 a.m.14 views

SUSE-SU-2019:3248-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-195 fixes several issues. The following security issues were fixed: - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship bsc1156321...

9.3CVSS8.5AI score0.52199EPSS
Exploits21References5
Tenable Nessus
Tenable Nessus
added 2017/04/14 12:0 a.m.46 views

Cisco Firepower Threat Defense Device Manager Web UI Request Handling Arbitrary Log Entry Injection (cisco-sa-20170201-fpw2)

According to its version and configuration, the Cisco Firepower Threat Defense FTD software installed on the remote device is affected by an arbitrary log entry injection vulnerability in the Firepower Device Manager FDM due to improper validation of user-supplied input. An unauthenticated, remot...

5.3CVSS6AI score0.01479EPSS
Exploits0References2
CNVD
CNVD
added 2016/10/27 12:0 a.m.2 views

Atlassian Crowd LDAP Entry Injection Vulnerability

Atlassian Crowd is a web-based single sign-on system. A security vulnerability exists in Atlassian Crowd that could be exploited by a remote attacker to submit a special LDAP entry that injects malicious elements to execute arbitrary code...

9.8CVSS7.5AI score0.04705EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/09/05 12:0 a.m.16 views

Mailman < 2.1.9rc1 Spoofed Log Entry Injection

Binary data 3737.prm...

6.8CVSS7AI score0.06425EPSS
Exploits1References7
Rows per page
Query Builder