Lucene search
+L

365 matches found

CVE
CVE
added 2025/08/20 8:36 a.m.20 views

CVE-2025-9229

MiR software (Mobile Industrial Robots MiR controllers/robotics ecosystem) is affected prior to version 3.0.0. The issue is an information-disclosure vulnerability rooted in the error handling mechanism, which allows unauthenticated attackers to access verbose error pages and view detailed data s...

5.3CVSS7AI score0.00266EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/20 8:36 a.m.4 views

CVE-2025-9229 Information Disclosure in MiR robots and MiR fleet through verbose error pages

Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages...

5.3CVSS7AI score0.00266EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/20 8:36 a.m.14 views

CVE-2025-9229 Information Disclosure in MiR robots and MiR fleet through verbose error pages

Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages...

5.3CVSS0.00266EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-5664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the...

7.5CVSS7.8AI score0.16567EPSS
Exploits1References2
Wiz blog
Wiz blog
added 2025/07/23 12:0 p.m.3 views

Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload

Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:34 a.m.12 views

CVE-2023-27998

A lack of custom error pages vulnerability CWE-756 in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTPs paths...

5.3CVSS6.8AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:42 a.m.12 views

CVE-2022-32269

In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages displayed by Internet Explorer core. This leads to arbitrary code execution...

9.8CVSS7.5AI score0.03164EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.7 views

CVE-2020-6254

SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting...

6.1CVSS6.1AI score0.00654EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.9 views

CVE-2020-6223

The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content...

6.1CVSS6.7AI score0.00655EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:10 a.m.13 views

CVE-2018-12297

Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names...

6.1CVSS6.7AI score0.00692EPSS
Exploits1References1
OSV
OSV
added 2025/04/01 12:30 a.m.8 views

GHSA-RHXM-R44M-4325 Drupal Ignition Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS. This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS6.5AI score0.00242EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/04/01 12:30 a.m.16 views

Drupal Ignition Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS. This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS6.5AI score0.00242EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/03/31 10:15 p.m.8 views

CVE-2025-31679

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 9:38 p.m.7 views

CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 9:38 p.m.39 views

CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

0.00242EPSS
Exploits0References1
OSV
OSV
added 2025/03/31 9:38 p.m.6 views

CVE-2025-31679 Ignition Error Pages - Critical - Cross Site Scripting - SA-CONTRIB-2025-007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Ignition Error Pages allows Cross-Site Scripting XSS.This issue affects Ignition Error Pages: from 0.0.0 before 1.0.4...

6.1CVSS5.9AI score0.00242EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.8 views

Drupal Ignition Error Pages 跨站脚本漏洞

Drupal Ignition Error Pages is a module of the Drupal community that provides custom error pages e.g. 404, 500, etc. to improve the user experience. A cross-site scripting vulnerability exists in Drupal Ignition Error Pages versions prior to 1.0.4, which stems from improper input neutralization a...

6.1CVSS5.7AI score0.00242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.5 views

PT-2025-13843 · Drupal · Ignition Error Pages

Name of the Vulnerable Software and Affected Versions: Ignition Error Pages versions 0.0.0 through 1.0.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in Drupal Ignition Error Pages. This allows for...

6.1CVSS5.6AI score0.00242EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2018-10547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS ...

6.1CVSS7AI score0.0363EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.4 views

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from insecure handling of error messages on error pages...

5.4CVSS6.7AI score0.00234EPSS
Exploits0References1
Rows per page
Query Builder