Lucene search
K

63 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-1774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Therefore it's possible to mix them and to send...

4.9CVSS5.5AI score0.00912EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2025/08/12 7:0 a.m.11 views

Description of the security update for Microsoft Exchange Server 2019: August 12, 2025 (KB5063222)

Description of the security update for Microsoft Exchange Server 2019: August 12, 2025 KB5063222 Original article content This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

7.5CVSS6.1AI score0.01267EPSS
Exploits0
OSV
OSV
added 2025/08/09 5:15 a.m.4 views

CVE-2025-8745

A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An...

5.5CVSS4.7AI score0.00198EPSS
Exploits1References5
OSV
OSV
added 2025/08/05 11:30 p.m.6 views

CVE-2025-54125 XWiki Platform: Password and email exposure in xml.vm fields

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 1.1 through 16.4.6, 16.5.0-rc-1 through 16.10.4 and 17.0.0-rc-1 through 17.1.0, the XML export of a page in XWiki that can b...

8.7CVSS6.4AI score0.01285EPSS
Exploits0References5
NVD
NVD
added 2025/07/28 5:16 a.m.10 views

CVE-2025-8258

A vulnerability, which was classified as problematic, has been found in Cool Mo Maigcal Number App up to 1.0.3 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.sdmagic.number. The manipulation leads to improper export of android...

5.3CVSS0.002EPSS
Exploits1References4
CVE
CVE
added 2025/07/28 5:2 a.m.25 views

CVE-2025-8258

Summary of CVE-2025-8258 : Affects the Android app “Cool Mo Maigcal Number App” (version up to 1.0.3) and its AndroidManifest.xml handling for component com.sdmagic.number. The vulnerability allows improper export of Android components via a local attack path. Exploitation is indicated as publicl...

5.3CVSS7.1AI score0.002EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/26 12:0 a.m.5 views

PT-2025-30987 · Yeelink · Yeelight App +1

Name of the Vulnerable Software and Affected Versions: Yeelink Yeelight App versions up to 3.5.4 Description: A vulnerability exists in the Yeelink Yeelight App on Android. The issue involves improper export of android application components due to manipulation of an unknown function within the...

5.3CVSS5.3AI score0.0021EPSS
Exploits1References8
CVE
CVE
added 2025/07/20 12:44 p.m.20 views

CVE-2025-7890

CVE-2025-7890 concerns the Dunamu StockPlus App (Android) up to version 7.62.10 . The vulnerability involves improper export of AndroidManifest.xml components in the package com.dunamu.stockplus caused by manipulation of an unknown functionality. A local attack is required. The exploit has been p...

5.5CVSS5.3AI score0.00277EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/20 12:32 p.m.6 views

CVE-2025-7889 CallApp Caller ID App caller.id.phone.number.block AndroidManifest.xml improper export of android application components

A vulnerability was found in CallApp Caller ID App up to 2.0.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component caller.id.phone.number.block. The manipulation leads to improper export of android application...

5.3CVSS5.2AI score0.00219EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2025/07/04 8:16 a.m.12 views

CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

6.5CVSS6.6AI score0.00494EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/04 8:16 a.m.6 views

CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

6.5CVSS6.2AI score0.00494EPSS
Exploits0References3
NVD
NVD
added 2025/07/04 3:15 a.m.7 views

CVE-2025-6814

The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportnow function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal...

7.5CVSS0.00378EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.6 views

WordPress plugin Modern Events Calendar Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

5.3CVSS5.4AI score0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.6 views

PT-2025-23752

Name of the Vulnerable Software and Affected Versions Android versions prior to SMR Jun-2025 Release 1 Description The issue concerns the improper export of Android application components in Bluetooth, allowing local attackers to make devices discoverable. Recommendations For Android versions pri...

5.1CVSS5.4AI score0.00116EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.7 views

CVE-2024-23193

E-Mails exported as PDF were stored in a cache that did not consider specific session information for the related user account. Users of the same service node could access other users E-Mails in case they were exported as PDF for a brief moment until caches were cleared. Successful exploitation...

5.3CVSS6.5AI score0.00545EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:46 a.m.8 views

CVE-2024-28111

Canarytokens helps track activity and actions on a network. Canarytokens.org supports exporting the history of a Canarytoken's incidents in CSV format. The generation of these CSV files is vulnerable to a CSV Injection vulnerability. This flaw can be used by an attacker who discovers an HTTP-base...

6.5CVSS7.4AI score0.00634EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:46 a.m.8 views

CVE-2024-36615

FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread...

5.9CVSS6.6AI score0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:36 a.m.7 views

CVE-2023-28458

pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export a non-default feature. Organizers can trigger the overwriting with the standard pretalx 404 page content of an arbitrary file...

4.3CVSS6.8AI score0.03429EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.10 views

CVE-2020-27358

An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's CSV feature that allows users to export their conversation threads as CSV allows non-privileged users to export one another's conversation threads by changing the threadid parameter in the request to the endpoint...

4.3CVSS6.8AI score0.02031EPSS
Exploits1
Cvelist
Cvelist
added 2025/05/01 11:31 p.m.25 views

CVE-2025-4185 Wangshen SecGate 3600 g=obj_area_export_save path traversal

A vulnerability, which was classified as critical, has been found in Wangshen SecGate 3600 2024. This issue affects some unknown processing of the file ?g=objareaexportsave. The manipulation of the argument filename leads to path traversal. The attack may be initiated remotely. The exploit has be...

6.5CVSS0.08693EPSS
Exploits0References4
Rows per page
Query Builder