Lucene search
K

334 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.7 views

Azure Linux 3.0 Security Update: libcxx / llvm / rust (CVE-2024-31852)

The version of libcxx / llvm / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31852 advisory. - LLVM before 18.1.3 generates code in which the LR register can be overwritten without data bei...

5.9CVSS6.1AI score0.00991EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.8 views

Azure Linux 3.0 Security Update: mysql (CVE-2024-21203)

The version of mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21203 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are...

4.9CVSS6.2AI score0.00894EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.5 views

PT-2025-4254 · Oracle · Oracle Analytics Desktop

Name of the Vulnerable Software and Affected Versions: Oracle Analytics Desktop versions prior to 8.1.0 Description: The issue is related to a vulnerability in the Oracle Analytics Desktop product, specifically in the Install component. This vulnerability can be easily exploited by a low-privileg...

7.8CVSS8.7AI score0.00258EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/16 12:0 a.m.6 views

PT-2025-4739

Name of the Vulnerable Software and Affected Versions RE11S version 1.11 Description A stack overflow issue was discovered in the setWAN function via the pptpUserName parameter. This issue can be exploited, potentially leading to unintended consequences. No information is available about the...

10CVSS7.2AI score0.00606EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2025/01/08 12:0 a.m.5 views

PT-2025-1086 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.7 through 17.5.5 GitLab CE/EE versions 17.6 through 17.6.3 GitLab CE/EE versions 17.7 through 17.7.1 Description: An issue was discovered in GitLab CE/EE that allows a denial of service DoS by creating cyclic referenc...

4.3CVSS4.2AI score0.00692EPSS
Exploits1References15
OSV
OSV
added 2024/12/26 12:15 p.m.6 views

CVE-2024-47155

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak...

5.5CVSS5.8AI score0.00157EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:22 p.m.37 views

CVE-2022-46811

CVE-2022-46811 affects the WordPress plugin ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce (VillaTheme) up to version 1.0.21. The root cause is Missing Authorization / Access Control allowing broken access control and CSRF-related issues. The CVSSv3.1 base score is 4.3 (Medium)...

4.3CVSS8.6AI score0.00512EPSS
Exploits0References1
CVE
CVE
added 2024/12/10 12:0 a.m.229 views

CVE-2024-55550

CVE-2024-55550 affects Mitel MiCollab up to 9.8 SP2. The primary description indicates an authenticated administrator can perform a local file read due to insufficient input sanitization, exposing non-sensitive system information without modification or privilege escalation. The connected nuclei ...

4.4CVSS6.5AI score0.38104EPSS
In wildExploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/03 12:0 a.m.8 views

PT-2024-16509 · Unknown · Datatables +1

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, affecting some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit...

6.1CVSS4.3AI score0.00367EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/10/27 12:0 a.m.3 views

PT-2024-16267 · Unknown · Sourcecodester Attendance/Payroll System

Name of the Vulnerable Software and Affected Versions: SourceCodester Attendance and Payroll System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /admin/overtime add.php. The manipulation of the id argument leads to SQL injection. The...

9.8CVSS7.1AI score0.00414EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.5 views

PT-2025-25265 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption versions prior to 6.0.0.4013 Description: An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected...

9.8CVSS9.5AI score0.08324EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.4 views

PT-2024-7353 · Ivanti · Ivanti Cloud Services Appliance

Name of the Vulnerable Software and Affected Versions: Ivanti Cloud Services Appliance versions prior to 5.0.2 Description: The issue is related to a SQL injection vulnerability in the admin web console of Ivanti Cloud Services Appliance. This vulnerability allows a remote authenticated attacker...

8.5CVSS9.3AI score0.62988EPSS
Exploits0References69
Positive Technologies
Positive Technologies
added 2024/09/28 12:0 a.m.7 views

PT-2024-39567 · Sourcecodester · Sourcecodester Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Advocate Office Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file /control/activate.php. The manipulation of the id argument leads to SQL...

9.8CVSS7.2AI score0.00544EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.3 views

PT-2024-23818 · Open Networking Foundation · Libfluid

Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is an Out-of-bounds Read vulnerability in the Open Networking Foundation ONF libfluid, specifically in the libfluid msg modules. It is associated with the program routines fluid...

7.5CVSS7.2AI score0.00394EPSS
Exploits0References5
CNVD
CNVD
added 2024/09/12 12:0 a.m.14 views

Microsoft SharePoint Server Denial of Service Vulnerability (CNVD-2024-39522)

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A denial of...

7.5CVSS6.4AI score0.04501EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.6 views

Reedos aiM-Star 安全漏洞

Reedos aiM-Star is a software product from Reedos for mutual fund distribution. A security vulnerability exists in Reedos aiM-Star version 2.0.1, which stems from a lack of rate limiting for OTP requests in certain API endpoints, which could allow an attacker to send multiple OTP requests through...

8.7CVSS6.7AI score0.00498EPSS
Exploits0References2
CNVD
CNVD
added 2024/08/14 12:0 a.m.7 views

Code Execution Vulnerability in Multiple Mozilla Products (CNVD-2024-40525)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

9.6CVSS8.1AI score0.00589EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.14 views

PT-2024-5858

Name of the Vulnerable Software and Affected Versions NGINX Open Source and NGINX Plus versions prior to 1.26.2 NGINX Open Source and NGINX Plus versions prior to 1.27.1 Description The issue is related to a buffer overread vulnerability in the ngx http mp4 module, which might allow an attacker t...

9.8CVSS8.2AI score0.99999EPSS
Exploits43References125
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.7 views

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to pointer swapping errors. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS5.5AI score0.02155EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/06/30 2:0 p.m.5 views

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production."

...

5.9CVSS5.8AI score0.00991EPSS
Exploits0
Rows per page
Query Builder