Lucene search
+L

1440 matches found

vulncheck_kev
vulncheck_kev
added 2024/11/20 12:0 a.m.2 views

VulnCheck KEV: CVE-2000-0325

The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability...

7.2CVSS5.9AI score0.03731EPSS
Exploits1References1
osv
osv
added 2024/04/05 4:15 p.m.6 views

CVE-2024-3347

A vulnerability was found in SourceCodester Airline Ticket Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file activatejetdetailsformhandler.php. The manipulation of the argument jetid leads to sql injection. The attack may be initiated...

9.8CVSS5.7AI score0.00862EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/04/05 12:0 a.m.5 views

PT-2024-25274 · Sourcecodester · Sourcecodester Airline Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Airline Ticket Reservation System version 1.0 Description: A critical issue affects the processing of the file activate jet details form handler.php, where the manipulation of the jet id argument leads to sql injection. The...

9.8CVSS7.5AI score0.00862EPSS
Exploits1References8
cnnvd
cnnvd
added 2024/04/05 12:0 a.m.7 views

SourceCodester Airline Ticket Reservation System SQL注入漏洞

Airline Ticket Reservation System is a ticket reservation system. A SQL injection vulnerability exists in SourceCodester Airline Ticket Reservation System version 1.0, which is caused by a SQL injection vulnerability in the jetid parameter of the activatejetdetailsformhandler.php file...

9.8CVSS7.9AI score0.00862EPSS
Exploits1References5
hackerone
hackerone
added 2024/02/21 1:35 a.m.13 views

GitHub: Source Code and data exfiltration via Github Copilot

The vulnerability was caused by insecure output handling in the Copilot client interfaces. A prompt injection attack was able to result in data exfiltration. The vulnerability was addressed by only rendering images from trusted domains and adding interstitial modals to inform users about link...

7.2AI score
Exploits0
github
github
added 2024/02/16 11:14 p.m.17 views

Hazelcast Platform permission checking in CSV File Source connector

Impact In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem. Patches Fix...

6.5CVSS7.5AI score0.00528EPSS
Exploits0References5Affected Software2
wired
wired
added 2023/12/01 5:1 a.m.8 views

Anduril’s New Drone Killer Is Locked on to AI-Powered Warfare

Autonomous drones are rapidly changing combat. Anduril’s new one aims to gain an edge with jet power and AI...

7.5AI score
Exploits0
cnnvd
cnnvd
added 2023/09/12 12:0 a.m.6 views

Siemens JT2GO 安全漏洞

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A type confusion vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code in the...

7.8CVSS7.2AI score0.00271EPSS
Exploits0References3
openbugbounty
openbugbounty
added 2023/09/09 2:30 a.m.11 views

jet-nassau.com Cross Site Scripting vulnerability OBB-3657346

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
openbugbounty
openbugbounty
added 2023/07/11 1:57 p.m.15 views

jet-sea.ca Cross Site Scripting vulnerability OBB-3503779

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
redhat
redhat
added 2023/06/29 8:7 p.m.11 views

hazelcast: Hazelcast connection caching

A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...

9.1CVSS5.7AI score0.01021EPSS
Exploits0References5
openbugbounty
openbugbounty
added 2023/05/01 7:3 p.m.8 views

jet-line.co.jp Cross Site Scripting vulnerability OBB-3286611

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6AI score
Exploits0
redhat
redhat
added 2023/02/08 9:53 a.m.6 views

hazelcast: Hazelcast connection caching

A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...

9.1CVSS5.7AI score0.01021EPSS
Exploits0References5
redhat
redhat
added 2023/01/26 9:55 p.m.4 views

hazelcast: Hazelcast connection caching

A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...

9.1CVSS5.7AI score0.01021EPSS
Exploits0References5
redhatcve
redhatcve
added 2023/01/18 5:5 p.m.110 views

CVE-2022-36437

A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...

9.1CVSS3AI score0.01021EPSS
Exploits0References4
nvd
nvd
added 2022/12/29 11:15 p.m.42 views

CVE-2022-36437

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...

9.1CVSS0.01021EPSS
Exploits0References1
prion
prion
added 2022/12/29 11:15 p.m.27 views

Design/Logic Flaw

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...

6.4CVSS8.9AI score0.01021EPSS
Exploits0References1Affected Software2
osv
osv
added 2022/12/29 12:0 a.m.38 views

CVE-2022-36437

The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affecte...

9.1CVSS9.1AI score0.01021EPSS
Exploits0References3
cve
cve
added 2022/12/29 12:0 a.m.242 views

CVE-2022-36437

CVE-2022-36437 pertains to Hazelcast and Hazelcast Jet where the Connection handler can be exploited by a remote unauthenticated attacker to access and manipulate data in the cluster using another authenticated connection’s identity. Affected Hazelcast versions: up to 4.0.6, 4.1.9, 4.2.5, 5.0.3, ...

9.1CVSS8.9AI score0.01021EPSS
Exploits0References1Affected Software2
cnnvd
cnnvd
added 2022/12/29 12:0 a.m.8 views

Hazelcast 授权问题漏洞

Hazelcast Hazelcast IMDG is a set of scalable open source data distribution platform of the U.S. Hazelcast company . The platform supports a variety of distributed data structures, distributed caching and other features. A security vulnerability exists in Hazelcast and Hazelcast Jet that stems fr...

9.1CVSS8.2AI score0.01021EPSS
Exploits0References5
Rows per page
Query Builder