Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.5 views

CVE-2025-40834

A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...

6.8CVSS6.4AI score0.00206EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/01/07 12:0 a.m.3 views

Joomla! XSS Vulnerability (20260101)

Joomla! is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

8.4CVSS4.7AI score0.00175EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2025/11/17 12:5 p.m.5 views

More Prompt||GTFO

The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: 4, 5, and 6. Well worth watching...

7AI score
Exploits0
Cvelist
Cvelist
added 2025/11/17 11:39 a.m.7 views

CVE-2025-40834

A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...

6.8CVSS0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.7 views

SonarQube 操作系统命令注入漏洞

SonarQube is a code inspection tool from Sonar Open Source. An operating system command injection vulnerability exists in SonarQube versions 4.0.0 through prior to 6.0.0, which stems from a failure to properly validate user input on the Windows runner and could lead to arbitrary command execution...

7.7CVSS7.6AI score0.01507EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-0803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code ...

10CVSS9.1AI score0.02518EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-3758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple buffer overflows in libdex/OptInvocation.cpp in DexClassLoader in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before...

9.3CVSS7.8AI score0.00444EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

xml-crypto 安全漏洞

NPM xml-crypto is a digital signature and cryptography library from NPM. A security vulnerability in xml-crypto versions 4.0.0 through 6.0.0, which stems from a default configuration that does not check the authorization of the signer, allows attackers to bypass XML signature verification...

10CVSS8.7AI score0.00833EPSS
Exploits1References8
OSV
OSV
added 2024/03/24 1:15 a.m.6 views

UBUNTU-CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

6.5CVSS5.8AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2023/12/26 6:15 a.m.3 views

CVE-2023-49117

PowerCMS 6 Series, 5 Series, and 4 Series contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser. Note that all versions of PowerCMS 3 Series and earlier which are unsupported End-of-Life, EOL...

5.4CVSS5.6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/25 12:0 a.m.3 views

PT-2023-8311 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS versions 4 Series through 6 Series PowerCMS versions 3 Series and earlier Description: The issue is related to an open redirect vulnerability. It allows a remote attacker to redirect users to arbitrary web sites via a specially craft...

6.1CVSS6.3AI score0.00402EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/07/15 2:18 a.m.2 views

SUSE CVE-2023-3648

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file...

3.3CVSS7AI score0.00232EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/22 12:0 a.m.4 views

Hewlett Packard Enterprise Integrated Lights-Out 跨站脚本漏洞

Hewlett Packard Enterprise Integrated Lights-Out is a remote control solution from Hewlett Packard Enterprise. The solution enables remote monitoring and operation of IT assets such as servers. A security vulnerability exists in Hewlett Packard Enterprise Integrated Lights-Out 6 iLO 6, Integrated...

8.3CVSS5.5AI score0.00445EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.5 views

SUSE CVE-2007-5461

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag...

3.5CVSS5AI score0.39681EPSS
Exploits2References9
vulnersOsv
vulnersOsv
added 2022/08/06 5:40 a.m.5 views

org.dataone.dspace:auto-versioning-xmlui (>=5.4.0 <=5.4.2), org.dspace.modules:xmlui (>=4.0 <=6.3) potentially affected by CVE-2022-31190 via org.dspace:dspace-xmlui (>=4.0 <=6.3)

org.dspace:dspace-xmlui MAVEN version =4.0, =5.4.0, =4.0, =6.3 Source cves: CVE-2022-31190 Source advisory: OSV:GHSA-7W85-PP86-P4PQ...

5.3CVSS6AI score0.00712EPSS
Exploits0
CNNVD
CNNVD
added 2022/08/01 12:0 a.m.4 views

DSpace 路径遍历漏洞

DSpace is an open source turnkey repository application from the DuraSpace community. A path traversal vulnerability exists in DSpace versions 4.0 through 6.3, which stems from the intention that the SAF Simple Archive Format package could lead to the creation of files/directories in any location...

7.2CVSS7AI score0.01118EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/01 12:0 a.m.5 views

DSpace 输入验证错误漏洞

DSpace is an open source turnkey repository application from the DuraSpace community. An input validation error vulnerability exists in DSpace versions 4.0 through 6.3, which stems from the vulnerability of a JSPUI-controlled vocabulary servlet to an open redirection attack, where an attacker can...

7.1CVSS6.6AI score0.00579EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/01/13 12:0 a.m.5 views

PT-2021-10922 · Unknown · Thinkadmin

Name of the Vulnerable Software and Affected Versions: ThinkAdmin versions 4.x through 6.x Description: An insecure unserialize vulnerability was discovered in ThinkAdmin, which may lead to arbitrary remote code execution. The issue is located in files such as "app/admin/controller/api/Update.php...

9.8CVSS9.6AI score0.04099EPSS
Exploits1References8
OSV
OSV
added 2020/04/02 8:15 p.m.4 views

CVE-2019-19093

eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords...

6.5CVSS6.6AI score0.00832EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/04/02 8:15 p.m.4 views

CVE-2019-19000

For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP headers have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information...

6.5CVSS6.5AI score0.01052EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder