318 matches found

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2000-0145

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.06336
Exploits: 1, References: 3

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2015-4761

Malware in sbrugna...

CVSS 2.6, AI score 6.4, EPSS 0.01792
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2001-0909

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.02469
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-1162

Malware in sbrugna...

CVSS 8.8, AI score 8.7, EPSS 0.01347
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2022-5430

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.3, EPSS 0.02537
Exploits: 1, References: 19

OSV
added 2025/10/03 7:56 p.m., 9 views

RLSA-2025:11332 Important: tomcat9 security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

CVSS 8.1, AI score 7.5, EPSS 0.66933
Exploits: 18, References: 3

GithubExploit
added 2025/09/26 12:33 p.m., 226 views

adobe-connect-exploits

It is an offensive tool for Adobe Connect. Exploit module/toolki...

AI score 7.5
Exploits: 0

RedhatCVE
added 2025/08/30 6:16 p.m., 8 views

CVE-2024-13980

H3C Intelligent Management Center IMC versions up to and including E0632H07 contains a remote command execution vulnerability in the /byod/index.xhtml endpoint. Improper handling of JSF ViewState allows unauthenticated attackers to craft POST requests with forged javax.faces.ViewState parameters,...

CVSS 10, AI score 7.6, EPSS 0.01176
Exploits: 0, References: 1

Vulnrichment
added 2025/08/27 9:25 p.m., 4 views

CVE-2024-13980 H3C Intelligent Management Center (iMC) /byod/index.xhtml RCE

H3C Intelligent Management Center IMC versions up to and including E0632H07 contains a remote command execution vulnerability in the /byod/index.xhtml endpoint. Improper handling of JSF ViewState allows unauthenticated attackers to craft POST requests with forged javax.faces.ViewState parameters,...

CVSS 10, AI score 7.1, EPSS 0.01176
Exploits: 0, References: 6

Vulnrichment
added 2025/08/27 9:23 p.m., 5 views

CVE-2023-7309 Dahua Smart Park Integrated Management Platform Front-End Arbitrary File Upload

A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform also referred to as the Dahua Smart Campus Integrated Management Platform, affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary files ...

CVSS 10, AI score 7.8, EPSS 0.00758
Exploits: 0, References: 4

Tenable Nessus
added 2025/08/19 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-1745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before...

CVSS 9.8, AI score 6.8, EPSS 0.04837
Exploits: 0, References: 2

Exploit DB
added 2025/08/11 12:0 a.m., 247 views

JetBrains TeamCity 2023.11.4 - Authentication Bypass

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: JetBrains TeamCity 2023.11.4 - Authentication Bypass Date: 2024-02-21 Exploit Author: ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://www.jetbrains.com/teamcity/ Version: =2.25.1 """ import requests import argparse...

CVSS 9.8, AI score 7.4, EPSS 0.99938
Exploits: 24

CNVD
added 2025/06/11 12:0 a.m., 6 views

Apache Tomcat Security Bypass Vulnerability (CNVD-2025-16619)

Apache Tomcat is a lightweight web application server from the Apache Foundation (United States), used to implement Servlet and JavaServer Pages (JSP) support. A security bypass vulnerability exists in Apache Tomcat due to improper handling of case sensitivity in the CGI servle...

CVSS 7.3, AI score 6.7, EPSS 0.02608
Exploits: 1, References: 1

CNNVD
added 2025/06/10 12:0 a.m., 3 views

GeoServer Security Vulnerability

GeoServer is an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer that stems from a REST API security bypass that could lead to information disclosure...

CVSS 5.3, AI score 6.1, EPSS 0.01022
Exploits: 0, References: 6

BDU FSTEC
added 2025/05/26 12:0 a.m., 5 views

The vulnerability of the HttpServletRequest.getParameter() function in the centralized multimedia content management system MagicINFO 9 allows a hacker to execute arbitrary code.

The vulnerability of the HttpServletRequest.getParameter function in the MagicINFO 9 centralized multimedia content management system is related to the improper creation of a file system path by combining a permanent directory, a temporary marker, and the fileName parameter. Exploiting this...

CVSS 9, AI score 8.5, EPSS 0.91941
Exploits: 3, References: 9, Affected Software: 1

RedhatCVE
added 2025/05/23 4:36 a.m., 8 views

CVE-2023-41877

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A path traversal vulnerability in versions 2.23.4 and prior requires GeoServer Administrator with access to the admin console to misconfigure the Global Settings for log file location ...

CVSS 7.2, AI score 6.8, EPSS 0.00841
Exploits: 0, References: 1

RedhatCVE
added 2025/05/23 2:50 a.m., 6 views

CVE-2023-0015

In SAP BusinessObjects Business Intelligence Platform Web Intelligence user interface - version 420, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS...

CVSS 5.4, AI score 5.2, EPSS 0.00345
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 8:19 a.m., 9 views

CVE-2019-0389

An administrator of SAP NetWeaver Application Server Java J2EE-Framework, corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5, may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise...

CVSS 8.8, AI score 7.2, EPSS 0.01347
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 2:45 a.m., 12 views

CVE-2019-0305

Java Server Pages JSPs provided by the SAP NetWeaver Process Integration SAPXIESR and SAPXITOOL: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 do not restrict or incorrectly restrict frame objects or UI layers that belong to another application or domain, resulting in Clickjacking vulnerability...

CVSS 4.3, AI score 7, EPSS 0.00886
Exploits: 0, References: 1

RedhatCVE
added 2025/05/21 10:40 p.m., 11 views

CVE-2002-2347

Cross-site scripting XSS vulnerability in Oracle Java Server Page OJSP demo files 1 hellouser.jsp, 2 welcomeuser.jsp and 3 usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field...

CVSS 4.3, AI score 5.6, EPSS 0.01704
Exploits: 0, References: 1