3038 matches found

RedhatCVE
added 2025/05/22 10:35 a.m., 11 views

CVE-2019-16957

SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account...

5.4 CVSS | 5.9 AI score | 0.0147 EPSS
Exploits: 1 | References: 1

CNVD
added 2025/05/22 12:0 a.m., 1 view

Employee Record System current_employees.php file cross-site scripting vulnerability

Employee Record System is an employee record system. Employee Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters employeedid/firstname/middlename/lastname in the file...

5.4 CVSS | 4.4 AI score | 0.00285 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/21 9:30 p.m., 10 views

CVE-2004-2629

Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express when used with H.323 conferencing endpoints, Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the...

7.8 CVSS | 7.4 AI score | 0.0228 EPSS
Exploits: 0 | References: 1

CNNVD
added 2025/05/20 12:0 a.m., 3 views

TYPO3 security vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 that stems from a database query where FrontendGroupRestriction is applied only to the first table, which could lead to a data leak. The following...

5.3 CVSS | 6.3 AI score | 0.00253 EPSS
Exploits: 0 | References: 3

OSV
added 2025/05/16 9:14 p.m., 10 views

CLSA-2025-1747430081 Fix of 50 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length
CVE-url: https://ubuntu.com/security/CVE-2024-46745 - Input: uinput - reject requests with unreasonable number of slots
CVE-url: https://ubuntu.com/security/CVE-2024-44952 - driver core: Fix ueventsho...

7.8 CVSS | 7 AI score | 0.00351 EPSS
Exploits: 3 | References: 1

CNNVD
added 2025/05/16 12:0 a.m., 4 views

Code-Projects Employee Record System code injection vulnerability

Code-Projects Employee Record System is a Code-Projects open source employee record system. Code-Projects Employee Record System version 1.0 has a code injection vulnerability, the vulnerability stems from the parameter employeedid/firstname/middlename/lastname in the file...

5.1 CVSS | 4.8 AI score | 0.00285 EPSS
Exploits: 1 | References: 6

Schneier on Security
added 2025/05/15 11:0 a.m., 11 views

AI-Generated Law

On April 14, Dubai's ruler, Sheikh Mohammed bin Rashid Al Maktoum, announced that the United Arab Emirates would begin using artificial intelligence to help write its laws. A new Regulatory Intelligence Office would use the technology to "regularly suggest updates" to the law and "accelerate the...

7.2 AI score
Exploits: 0

OSV
added 2025/05/14 5:15 p.m., 5 views

CVE-2025-44184

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the websiteimage, fname, lname, contact, username, and address parameters...

4.8 CVSS | 5.8 AI score | 0.00231 EPSS
Exploits: 2 | References: 2

GithubExploit
added 2025/05/14 8:7 a.m., 101 views

Exploit for Cross-site Scripting in Mayurik Best_Employee_Management_System

Vulnerabilities in SourceCodester Best Employee Management Sys...

5.4 CVSS | 7 AI score | 0.00231 EPSS
Exploits: 4

Packet Storm News
added 2025/05/14 12:0 a.m., 4 views

Detecting Sybil Addresses in Blockchain Airdrops: a Subgraph-Based Feature Propagation and Fusion Approach

Sybil attacks pose a significant security threat to blockchain ecosystems, particularly in token airdrop events. This paper proposes a novel sybil address identification method based on subgraph feature extraction lightGBM. The method first constructs a two-layer deep transaction subgraph for eac...

6.8 AI score
Exploits: 0

CNNVD
added 2025/05/14 12:0 a.m., 3 views

SourceCodester Best Employee Management System cross-site scripting vulnerability

SourceCodester Best Employee Management System is a SourceCodester open source employee management system. A security vulnerability exists in version 1.0 of the SourceCodester Best Employee Management System due to an improper cleanup of the input of the parameters websiteimage, fname, lname,...

4.8 CVSS | 6 AI score | 0.00231 EPSS
Exploits: 2 | References: 4

RedHat Linux
added 2025/05/13 9:7 a.m., 4 views

requests: subsequent requests to the same host ignore cert verification

An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...

5.6 CVSS | 7.1 AI score | 0.0034 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/05/13 8:28 a.m., 7 views

kernel: ext4: make sure the first directory block is not a hole

The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. And no errors are reported when creating files in this directory. Then, we get a directory block without '.' and '..' but with a valid dentry. This may cause some code that relies o...

5.5 CVSS | 7.4 AI score | 0.00224 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/05/13 8:28 a.m., 5 views

kernel: dm cache: fix potential out-of-bounds access on the first resume

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast...

7.1 CVSS | 6.8 AI score | 0.00262 EPSS
Exploits: 0 | References: 5

Circl
added 2025/05/12 1:52 a.m., 6 views

CVE-2025-47187

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-12 01:52:58+00:00 | seen | https://t.me/CyberBulletin/3248 |
| 2025-07-23 18:34:36+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114903985408711756 |
| 2025-07-23 21:07:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lunwfk7st... |

7.5 CVSS | 4.8 AI score | 0.00861 EPSS
Exploits: 0 | References: 3

Citrix
added 2025/05/12 12:0 a.m., 12 views

Fresh User layers hang/freeze on first logon

When logging on with a fresh profile/user layer, the UL is created but the logon process comes to a halt at a black screen. Forcing a log off and logging back on fixes the issue: the session is established and the user desktop is shown...

7.1 AI score
Exploits: 0

OpenVAS
added 2025/05/07 12:0 a.m., 2 views

Ensure That Users Are Required to Change Their Passwords Upon the First Login

If a password, such as one reset by an administrator, is not promptly changed in the service environment when it is not set by the user, it may lead to low-cost attacks. Therefore, it is necessary for users to change their password upon their initial login. However, the root user...

7 AI score
Exploits: 0 | References: 3

Packet Storm News
added 2025/05/07 12:0 a.m., 3 views

Large Language Models Are Autonomous Cyber Defenders

Fast and effective incident response is essential to prevent adversarial cyberattacks. Autonomous Cyber Defense (ACD) aims to automate incident response through Artificial Intelligence (AI) agents that plan and execute actions. Most ACD approaches focus on single-agent scenarios and leverage...

7.2 AI score
Exploits: 0

Packet Storm News
added 2025/05/06 12:0 a.m., 3 views

Directed Greybox Fuzzing Via Large Language Model

Directed greybox fuzzing (DGF) focuses on efficiently reaching specific program locations or triggering particular behaviors, making it essential for tasks like vulnerability detection and crash reproduction. However, existing methods often suffer from path explosion and randomness in input mutatio...

7.4 AI score
Exploits: 0

OSV
added 2025/05/01 6:15 p.m., 4 views

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

5.5 CVSS | 5.8 AI score | 0.00126 EPSS
Exploits: 0 | References: 2