Lucene search
+L

57 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.3 views

SUSE CVE-2019-10732

In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the...

4.3CVSS5.1AI score0.00586EPSS
Exploits1References5
Circl
Circl
added 2022/11/18 2:23 a.m.6 views

CVE-2022-42533

creationtimestamp| type| source ---|---|--- 2022-11-18 02:23:24+00:00| seen| https://t.me/cibsecurity/53138...

7.8CVSS7.1AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/30 12:0 a.m.10 views

Plone 代码问题漏洞

Plone is an open source content management system. A XXE XML External Entity Injection vulnerability exists in Plone versions prior to 5.2.3. An attacker can exploit this vulnerability to conduct XXE attacks...

8.8CVSS5.8AI score0.01066EPSS
Exploits0References4
CNVD
CNVD
added 2020/05/13 12:0 a.m.4 views

TYPO3 Direct Mail Component Input Validation Error Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. direct Mail is an email marketing extension plugin used in it. A security vulnerability exists in the Direct Mail component of TYPO3 5.2.3 and earlier versions, which stems from...

6.1CVSS6.8AI score0.00781EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.8 views

TYPO3 Direct Mail Component Denial of Service Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. direct Mail is an email marketing extension plugin used in it. A security vulnerability exists in the Direct Mail component of TYPO3 5.2.3 and earlier versions. An attacker could...

5.3CVSS6.7AI score0.01279EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/16 12:0 a.m.5 views

Pivotal Software Spring Framework Cross-Site Request Forgery Vulnerability

Pivotal Software Spring Framework is the U.S. Pivotal Software's set of open source Java, JavaEE application framework. The framework helps developers build high-quality applications . A cross-site request forgery vulnerability exists in Pivotal Software Spring Framework versions 5.2.x prior to...

5.3CVSS6.9AI score0.02382EPSS
Exploits1References1
OSV
OSV
added 2019/09/11 2:15 p.m.2 views

DEBIAN-CVE-2019-16221

WordPress before 5.2.3 allows reflected XSS in the dashboard...

6.1CVSS6.9AI score0.01767EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/09/11 12:0 a.m.10 views

PT-2019-5212 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.2.3 Description: The issue is related to incorrect URL sanitization in the wp kses bad protocol once function, which can lead to cross-site scripting XSS attacks. This could allow a remote attacker to compromise...

9.8CVSS6.3AI score0.4375EPSS
Exploits16References76
CNVD
CNVD
added 2019/08/21 12:0 a.m.5 views

Linux kernel resource management error vulnerability (CNVD-2019-32365)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the drivers/media/usb/dvb-usb/dvb-usb-init.c file in versions of Linux kernel prior to 5.2.3. The vulnerability...

4.9CVSS7.7AI score0.00624EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/30 12:0 a.m.5 views

Linux kernel integer overflow vulnerability (CNVD-2019-25055)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An integer overflow vulnerability exists in the 'setupformatparams' function in the drivers/block/floppy.c file in Linux kernel versions prior to 5.2.3. The...

6.2CVSS6.8AI score0.00703EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/04/29 12:0 a.m.9 views

PT-2019-4191 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.2.3 Description: The issue is caused by an out-of-bounds access in the ath6kl wmi pstream timeout event rx and ath6kl wmi cac event rx functions in the file drivers/net/wireless/ath/ath6kl/wmi.c. This can allo...

10CVSS7.3AI score0.98745EPSS
Exploits63References938
RedHat Linux
RedHat Linux
added 2019/01/03 5:45 p.m.6 views

grafana: authentication bypass knowing only a username of an LDAP or OAuth user

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user...

9.8CVSS7.4AI score0.64284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2018/08/29 12:0 a.m.6 views

PT-2018-3433 · Grafana +1 · Grafana +1

Name of the Vulnerable Software and Affected Versions: Grafana versions 2.x through 4.x before 4.6.4 Grafana versions 5.x before 5.2.3 Description: The issue is related to authentication errors in the Grafana web tool, allowing an attacker to bypass authentication. This can be achieved by...

10CVSS6.5AI score0.64284EPSS
Exploits4References130
CNVD
CNVD
added 2015/10/22 12:0 a.m.5 views

Fortinet FortiOS Access Privilege Vulnerability

Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. An access...

9.3CVSS7.2AI score0.03401EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/30 12:0 a.m.5 views

Fortinet FortiGate FortiOS Security Bypass Vulnerability

Fortinet FortiGate running FortiOS is a set of security operating system developed by American Fitta Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security feature...

6.7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/05/14 12:0 a.m.6 views

PT-2014-3466 · Red Hat · Red Hat Cloudforms Management Engine

Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms Management Engine CFME versions prior to 5.2.3.2 Description: The issue allows remote authenticated users to delete arbitrary catalogs by guessing the catalog ID, specifically targeting the CatalogController. Recommendation...

4CVSS6.3AI score0.01019EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2008/07/16 9:55 a.m.6 views

php crash in glob() and fnmatch() functions

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service application crash via 1 a long string in the pattern parameter to the glob function; or 2 a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined...

5CVSS6AI score0.04696EPSS
Exploits1References4
Rows per page
Query Builder