Lucene search
+L

8 matches found

Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52843

Name of the Vulnerable Software and Affected Versions LXD versions prior to 6.9 LXD version 5.21 Description A nil-pointer dereference occurs in the CreateCustomVolumeFromBackup function when processing a specially crafted custom-volume backup tarball that omits the expires at snapshot field. An...

6.5CVSS6AI score0.00389EPSS
Exploits1References5
OSV
OSV
added 2025/07/01 10:15 a.m.8 views

CVE-2025-6756

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's UACF7CUSTOMFIELDS shortcode in all versions up to, and including, 3.5.21 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

5.4CVSS6AI score0.00204EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.5 views

CVE-2023-2614

Cross-site Scripting XSS - DOM in GitHub repository pimcore/pimcore prior to 10.5.21...

6.8CVSS6AI score0.00497EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.15 views

PT-2024-9906 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: The issue is related to insufficient protection of the web page structure in Adobe Experience Manager, which could allow a remote attacker to execute arbitrary code...

5.5CVSS6.1AI score0.00517EPSS
Exploits0References8
OSV
OSV
added 2024/11/07 10:15 p.m.4 views

CVE-2024-49524

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

5.4CVSS6AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.20 views

Zyxel NAS542和NAS326 操作系统命令注入漏洞

Zyxel NAS542 and Zyxel NAS326 are both products of the Chinese company Hopkins Zyxel.Zyxel NAS542 is a NAS Network Attached Storage device.Zyxel NAS326 is a cloud storage NAS. An operating system command injection vulnerability exists in Zyxel NAS326 version V5.21AAZF.18C0 and earlier and NAS542...

9.8CVSS9.2AI score0.02064EPSS
Exploits0References2
OSV
OSV
added 2024/06/04 2:15 a.m.7 views

CVE-2024-29973

UNSUPPORTED WHEN ASSIGNED The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21AAZF.17C0 and NAS542 firmware versions before V5.21ABAG.14C0 could allow an unauthenticated attacker to execute some operating system OS commands by sending a...

9.8CVSS5.9AI score0.86089EPSS
Exploits7References2
Vulnrichment
Vulnrichment
added 2023/04/27 12:0 a.m.9 views

CVE-2023-2342 Cross-site Scripting (XSS) - Reflected in pimcore/pimcore

Cross-site Scripting XSS - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21...

4CVSS4.7AI score0.00419EPSS
Exploits1References2
Rows per page
Query Builder