Lucene search

8 matches found

NVD
added 2025/02/26 7:1 a.m., 13 views

CVE-2022-49269

In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotp_bind(). Syzbot created an environment that led to a state machine status that cannot be reached with a compliant CAN ID address configuration. The provided address information consisted o...

5.5 CVSS, 0.00246 EPSS
Exploits 0, References 5

Cvelist
added 2025/02/26 1:56 a.m., 14 views

CVE-2022-49269 can: isotp: sanitize CAN ID checks in isotp_bind()

In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotp_bind(). Syzbot created an environment that led to a state machine status that cannot be reached with a compliant CAN ID address configuration. The provided address information consisted o...

0.00246 EPSS
Exploits 0, References 5

CVE
added 2025/02/26 1:56 a.m., 91 views

CVE-2022-49269

The CVE-2022-49269 issue affects the Linux kernel CAN subsystem: isotp_bind() incorrectly validates CAN IDs, allowing a state machine path that can be reached with non-standard IDs (ex: 0x6000001 and 0xC28001) that map to 11-bit IDs 0x001. The fix sanitizes SFF/EFF CAN ID values before address ch...

5.5 CVSS, 5.2 AI score, 0.00246 EPSS
Exploits 0, References 5, Affected Software 1

OSV
added 2025/01/23 2:27 p.m., 3 views

USN-7226-1 cacti vulnerability

It was discovered that Cacti did not properly sanitize the 'poller_id' parameter in the "remote_agent.php" file. A remote attacker could possibly use this issue to achieve remote code execution...

9.8 CVSS, 7.7 AI score, 0.99826 EPSS
Exploits 48, References 2

NVD
added 2023/03/06 10:15 p.m., 12 views

CVE-2021-36398

In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk...

5.4 CVSS, 5.1 AI score, 0.00516 EPSS
Exploits 0, References 1

Vulnrichment
added 2022/12/05 4:50 p.m., 5 views

CVE-2022-3892 WP OAuth Server < 4.2.2 - Admin+ Stored XSS

The WP OAuth Server OAuth Authentication WordPress plugin before 4.2.2 does not sanitize and escape Client IDs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...

5.7 AI score, 0.00485 EPSS
Exploits 2, References 1

OSV
added 2022/03/14 3:15 p.m., 2 views

CVE-2022-0321

The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...

6.1 CVSS, 5.8 AI score, 0.00783 EPSS
Exploits 2, References 1

OpenVAS
added 2019/08/27 12:0 a.m., 31 views

Discourse < 2.4.0.beta3 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities including CSRF flaws. SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...

6.5 CVSS, 6.8 AI score, 0.00615 EPSS
Exploits 0, References 2