Lucene search
K

242 matches found

OSV
OSV
added 2019/03/15 5:29 p.m.12 views

UBUNTU-CVE-2019-9834

DISPUTED The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code into an imported snapshot, aka HTML Injection. Successful exploitation will allow attacker-supplied HTML to run in the context of the affected browser, potentially allowing the...

6.1CVSS5.7AI score0.051EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2019/03/15 12:0 a.m.6 views

PT-2019-19884 · Netdata +2 · Netdata +2

Name of the Vulnerable Software and Affected Versions: Netdata web application versions prior to 1.13.0 Description: The issue allows remote attackers to inject malicious HTML code into an imported snapshot. Successful exploitation can lead to the execution of attacker-supplied HTML in the contex...

6.1CVSS6.8AI score0.051EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2019/02/01 12:0 a.m.61 views

FreeBSD : Gitlab -- Multiple vulnerabilities (467b7cbe-257d-11e9-8573-001b217b3468)

Gitlab reports : Remote Command Execution via GitLab Pages Covert Redirect to Steal GitHub/Bitbucket Tokens Remote Mirror Branches Leaked by Git Transfer Refs Denial of Service with Markdown Guests Can View List of Group Merge Requests Guest Can View Merge Request Titles via System Notes Persiste...

9.8CVSS6.5AI score0.05471EPSS
Exploits17References26
CNVD
CNVD
added 2018/09/18 12:0 a.m.15 views

Moodle Remote Code Execution Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in Moodle. The vulnerability can be exploited by an...

8.8CVSS8.6AI score0.04425EPSS
Exploits3References1
Prion
Prion
added 2018/04/20 9:29 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a greeting message, 2 the email transaction log, or 3 an imported form...

3.5CVSS5AI score0.04578EPSS
Exploits4References5Affected Software1
OSV
OSV
added 2018/04/20 9:29 p.m.5 views

CVE-2018-7747

Multiple cross-site scripting XSS vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a greeting message, 2 the email transaction log, or 3 an imported form...

4.8CVSS5.8AI score0.04578EPSS
Exploits4References5
NVD
NVD
added 2018/04/20 9:29 p.m.19 views

CVE-2018-7747

Multiple cross-site scripting XSS vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a greeting message, 2 the email transaction log, or 3 an imported form...

4.8CVSS5.1AI score0.04578EPSS
Exploits4References5
Cvelist
Cvelist
added 2018/04/20 9:0 p.m.26 views

CVE-2018-7747

Multiple cross-site scripting XSS vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a greeting message, 2 the email transaction log, or 3 an imported form...

5.1AI score0.04578EPSS
Exploits4References5
WPVulnDB
WPVulnDB
added 2017/08/24 12:0 a.m.11 views

FG Joomla to WordPress <= 3.30.0 - XSS in the AJAX Imported

The FG Joomla to WordPress WordPress plugin was affected by a XSS in the AJAX Imported security vulnerability...

2.3AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/05/10 12:0 a.m.5 views

Hipchat Server Arbitrary Code Execution Vulnerability

Hipchat Server is a set of team chat tools that supports group and 1-to-1 voice and video chat with screen sharing. A security vulnerability exists in Hipchat Server versions prior to 2.2.3. A remote attack could exploit the vulnerability to execute arbitrary code via an imported file...

9.1CVSS7.7AI score0.02607EPSS
Exploits1References1
CNVD
CNVD
added 2016/11/04 12:0 a.m.6 views

SAP Adaptive Server Enterprise SQL Injection Vulnerability

SAP Adaptive Server Enterprise ASE is a high-performance relational database management system of Germany SAP SAP. A SQL injection vulnerability exists in SAP ASE 16.0 SP02 PL03 and earlier versions. An attacker can exploit this vulnerability to gain system administrator privileges via dbcc...

9.8CVSS8.2AI score0.01066EPSS
Exploits0References1
hackapp
hackapp
added 2016/04/01 9:14 a.m.20 views

Digitally Imported Radio - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Digitally Imported Radio published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/27 12:0 a.m.32 views

openSUSE Security Update : tiff (openSUSE-2016-101)

This update to tiff 4.0.6 fixes the following issues : - CVE-2015-7554: Out-of-bounds write in the thumbnail and tiffcmp tools allowed attacker to cause a denial of service or have unspecified further impact bsc960341 - bsc942690: potential out-of-bound write in NeXTDecode 2508 This update was...

9.8CVSS7.5AI score0.04187EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2015/10/27 12:0 a.m.20 views

CVE-2015-1341

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function pythonmodulepath...

7.8CVSS7AI score0.00429EPSS
Exploits0References2
Kitploit
Kitploit
added 2015/08/01 4:15 p.m.32 views

PEframe - Tool to perform static analysis on Portable Executable malware

PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...

7.1AI score
Exploits0References1
CNVD
CNVD
added 2015/05/11 12:0 a.m.3 views

AlienVault OSSIM NBE import hostname/IP cross-site scripting vulnerability

AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM handles NBE imported hostname/ip with a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious scripts or...

5.9AI score
Exploits0References1
Cvelist
Cvelist
added 2008/08/29 4:22 p.m.27 views

CVE-2008-3860

Multiple cross-site scripting XSS vulnerabilities 1 in the WYSIWYG editors, 2 during local group creation, 3 during HTML redirects, 4 in the HTML import, 5 in the Rich text editor, and 6 in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inje...

5.7AI score0.01263EPSS
Exploits1References7
NVD
NVD
added 2007/08/14 10:17 p.m.19 views

CVE-2007-3032

Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported...

6.8CVSS7.3AI score0.25165EPSS
Exploits1References8
Prion
Prion
added 2007/08/14 10:17 p.m.19 views

Design/Logic Flaw

Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported...

6.8CVSS7.6AI score0.25165EPSS
Exploits1References8
Cvelist
Cvelist
added 2007/08/14 10:0 p.m.26 views

CVE-2007-3032

Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported...

7.3AI score0.25165EPSS
Exploits1References8
Rows per page
Query Builder