Lucene search
+L

370 matches found

RedHat Linux
RedHat Linux
added 2025/07/01 2:30 p.m.8 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 1:48 p.m.15 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/06/23 9:24 p.m.4 views

CVE-2025-6516

A heap-based buffer overflow was found in HDF5. This flaw exists in the H5Faddrdecodelen function of the /hdf5/src/H5Fint.c file and may be triggered by input manipulation to the function. Local access is required to exploit this flaw. Mitigation Mitigation for this issue is either not available ...

7.8CVSS7.5AI score0.00308EPSS
Exploits1References8
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.6 views

Astra Linux – Vulnerability in fig2dev

A flaw was discovered in xfig. This vulnerability allows for possible code execution through local input manipulation using the bezierspline function...

7.8CVSS6.2AI score0.00267EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.6 views

Astra Linux – Vulnerability in fig2dev

A flaw was discovered in fig2dev. This vulnerability allows for availability through local input manipulation using the gengeitpspline function...

5.5CVSS5.4AI score0.00211EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/10 8:34 a.m.10 views

CVE-2025-5898

A flaw was found in GNU PSPP's parsevariablesoption function within the pspp-convert utility. This vulnerability allows an out-of-bounds write via local input manipulation. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

5.3CVSS4.9AI score0.00139EPSS
Exploits0References2
Hacker One
Hacker One
added 2025/06/06 11:16 a.m.206 views

Lichess: Path Traversal Vulnerability in Lila Project

A path traversal vulnerability was discovered in the Lila project that allowed an attacker to access arbitrary files on the server by manipulating user-supplied input to traverse outside the intended directory structure...

7.1AI score
Exploits0
CVE
CVE
added 2025/05/29 6:0 p.m.60 views

CVE-2025-5323

CVE-2025-5323 affects fossasia open-event-server 1.19.1, specifically the Mail Verification Handler’s function send_email_change_user_email . The issue is described as relying on obfuscation or encryption of security-relevant inputs without integrity checks, with possible remote activation and hi...

6.3CVSS7AI score0.00118EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.6 views

CVE-2024-9142

External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642...

9.8CVSS5.8AI score0.00422EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:15 a.m.3 views

CVE-2024-9297

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/systeminfo leads to improper...

6.5CVSS6.9AI score0.00444EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:34 a.m.7 views

CVE-2024-13039

A vulnerability was found in code-projects Simple Chat System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /adduser.php. The manipulation of the argument name/email/password/number leads to sql injection. The attack may be launched remotely...

8.8CVSS8.9AI score0.00552EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:32 a.m.9 views

CVE-2023-5697

A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pageswithdrawmoney.php. The manipulation of the argument accountnumber with the input 287359614--alert1234...

6.1CVSS7AI score0.00505EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:35 p.m.5 views

CVE-2022-2956

A vulnerability classified as problematic has been found in ConsoleTVs Noxen. Affected is an unknown function of the file /Noxen-master/users.php. The manipulation of the argument createuserusername with the input " leads to cross site scripting. It is possible to launch the attack remotely. The...

6.1CVSS6.3AI score0.00544EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:22 p.m.7 views

CVE-2021-29529

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the...

7.8CVSS7.3AI score0.00251EPSS
Exploits1References1
OSV
OSV
added 2025/05/22 1:15 p.m.3 views

CVE-2025-3942

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.7 views

CVE-2019-13097

The application API of Cat Runner Decorate Home version 2.8.0 for Android does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. Attackers can manipulate users' score parameters exchanged between client and server...

7.5CVSS7AI score0.0137EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.7 views

Tridium Niagara Framework和Tridium Niagara Enterprise Security 安全漏洞

Tridium Niagara Framework and Tridium Niagara Enterprise Security are both products of Tridium, Inc.Tridium Niagara Framework is a comprehensive software infrastructure that solves the challenges of creating appliance to enterprise applications. Tridium Niagara Enterprise Security is a...

9.8CVSS6.7AI score0.0047EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/22 12:0 a.m.5 views

Tridium Niagara Framework和Tridium Niagara Enterprise Security 安全漏洞

Tridium Niagara Framework and Tridium Niagara Enterprise Security are both products of Tridium, Inc.Tridium Niagara Framework is a comprehensive software infrastructure that solves the challenges of creating appliance to enterprise applications. Tridium Niagara Enterprise Security is a...

7.5CVSS6.6AI score0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/19 3:58 p.m.15 views

CVE-2025-22678 WordPress my white theme <= 2.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mythemes my white allows Reflected XSS.This issue affects my white: from n/a through 2.0.8...

7.1CVSS0.00192EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/05/17 2:54 a.m.6 views

SUSE CVE-2025-46397

A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezierspline function...

4.7CVSS7AI score0.00267EPSS
Exploits1References10
Rows per page
Query Builder