Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

AlmaLinux 10 : kernel (ALSA-2026:19569)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19569 advisory. kernel: net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 kernel: net/sched: Make cakeenqueue return NETXMITCN when past...

9.8CVSS7.2AI score0.93235EPSS
Exploits45References15
OSV
OSV
added 2026/02/22 6:15 a.m.4 views

MAL-2026-980 Malicious code in the-storyverse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2885a4f6fa566cedcd5c365fe4435186a31ed8913af26f8a06bbee3d760e66cb The package the-storyverse was found to contain malicious code. Source: ossf-package-analysis...

5.6AI score
Exploits0
OSV
OSV
added 2025/10/07 11:34 a.m.3 views

SUSE-SU-2025:03467-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. - CVE-2024-21647: unbounded resource...

9.8CVSS6.4AI score0.00958EPSS
Exploits0References7
OSV
OSV
added 2025/10/07 11:33 a.m.3 views

SUSE-SU-2025:03466-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Update to version 5.6.9. - CVE-2024-45614: improper header normalization allows for clients to clobber proxy set headers, which can lead to information leaks bsc1230848, fixed in an earlier update. - CVE-2024-21647: unbounded resource...

9.8CVSS6.4AI score0.00958EPSS
Exploits0References7
OSV
OSV
added 2025/07/21 4:15 p.m.3 views

CVE-2025-52373

Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...

4.6CVSS5.8AI score0.00294EPSS
Exploits1References3
CVE
CVE
added 2025/04/14 2:0 p.m.69 views

CVE-2025-3569

Affected software: JamesZBL/code-projects db-hospital-drug 1.0. The vulnerability resides in ShiroConfig.java and involves improper authorization. Exploitation is described as possible remotely; the exploit has been publicly disclosed. Documented impact is limited to authorization control, with n...

6.5CVSS6.3AI score0.00352EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/09 12:0 a.m.5 views

PT-2023-30889 · Unknown · Xintian Smart Table Integrated Management System

Name of the Vulnerable Software and Affected Versions: Xintian Smart Table Integrated Management System version 5.6.9 Description: A critical issue was found in the Xintian Smart Table Integrated Management System. It affects an unknown function of the file /SysManage/AddUpdateSites.aspx,...

8.8CVSS6.9AI score0.00635EPSS
Exploits1References6
OSV
OSV
added 2023/09/01 8:15 p.m.3 views

CVE-2023-4712

A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...

9.8CVSS6.1AI score0.00696EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/09/01 12:0 a.m.4 views

PT-2023-30323 · Unknown · Xintian Smart Table Integrated Management System

Name of the Vulnerable Software and Affected Versions: Xintian Smart Table Integrated Management System version 5.6.9 Description: A critical issue was found in the Xintian Smart Table Integrated Management System. This issue affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The...

9.8CVSS6.2AI score0.00696EPSS
Exploits1References8
OSV
OSV
added 2022/11/28 2:15 p.m.5 views

CVE-2022-3769

The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor...

8.8CVSS5.8AI score0.01053EPSS
Exploits2References2
CNVD
CNVD
added 2019/08/06 12:0 a.m.2 views

EspoCRM Cross-Site Scripting Vulnerability (CNVD-2019-30788)

EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in EspoCRM versions prior to 5.6.9, which can be exploited by an attacker to execute...

5.4CVSS6.4AI score0.0108EPSS
Exploits1References1
CNVD
CNVD
added 2019/08/06 12:0 a.m.7 views

EspoCRM Cross-Site Scripting Vulnerability (CNVD-2019-30786)

EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in EspoCRM versions prior to 5.6.9, which can be exploited by an attacker to execute...

5.4CVSS6.4AI score0.0108EPSS
Exploits1References1
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.4 views

2021-07 .NET 5.0.8 Update for ARM64 Client (KB5004698)

2021-07 .NET 5.0.8 Update for ARM64 Client KB5004698...

7AI score
Exploits0
Rows per page
Query Builder