Lucene search
+L

24 matches found

OSV
OSV
added 4 days ago4 views

CVE-2026-55234 Wekan: Broken access control: any authenticated user can move their Cards/Lists/Swimlanes into a private board they are not a member of (cross-board write via collection allow rule)

Wekan is open source kanban built with Meteor. Prior to 9.37, Wekan DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js authorize against the stored source boardId and do not validate a new boardId in the update modifier. Any...

8.5CVSS6.1AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-5370

Malware in sbrugna...

7.8CVSS7.6AI score0.00203EPSS
Exploits0References2
Gitee
Gitee
added 2025/09/28 9:59 p.m.79 views

ReconPi

This is a reconnaissance tool called ReconPi, designed for use on a Raspberry Pi or a VPS. The tool is written in Bash and uses various scripts to perform extensive reconnaissance on a target domain. The tool's primary function is to gather information about a target domain, including subdomains,...

6.8AI score
Exploits0
SUSE Linux
SUSE Linux
added 2025/08/12 12:58 p.m.3 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250806T202249 2025-08-06T20:22:49Z jscPED-11136 GO-2022-0392 GHSA-m6gx-rhvj-fh52 GO-2022-0396 GHSA-g54h-m393-cpwq GO-2022-0452 GHSA-f3fp-gc8g-vw66 GO-2022-0456 GHSA-wjxw-gh3m-7pm5 GO-2022-0617 GHSA-qh36-44jv-c8...

7.4AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:28 a.m.10 views

CVE-2019-14117

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdrago...

7.8CVSS9.4AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 3:16 p.m.1 views

DEBIAN-CVE-2025-23133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...

7.8CVSS6.1AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 3:16 p.m.13 views

CVE-2025-23133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...

7.8CVSS0.00209EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/04/16 2:13 p.m.29 views

CVE-2025-23133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue regwork. ...

7.8CVSS6.1AI score0.00209EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/10/23 12:0 a.m.5 views

PT-2023-20974 · Enhancesoft · Osticket

Name of the Vulnerable Software and Affected Versions: Enhancesoft osTicket version 1.17.2 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom...

4.8CVSS5AI score0.00354EPSS
Exploits1References7
WPVulnDB
WPVulnDB
added 2023/10/11 12:0 a.m.13 views

Kv TinyMCE Editor Add Fonts <= 1.1 - Font List Update via CSRF

Description The plugin does not have CSRF check when updating its font list, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS6.4AI score0.00221EPSS
Exploits0
OSV
OSV
added 2023/04/14 8:15 p.m.3 views

CVE-2022-46886

There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...

6.1CVSS5.9AI score0.00299EPSS
Exploits0References1
NVD
NVD
added 2023/04/14 8:15 p.m.21 views

CVE-2022-46886

There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...

6.1CVSS5.7AI score0.00299EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/14 12:0 a.m.23 views

CVE-2022-46886

There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...

5.5CVSS6.5AI score0.00299EPSS
Exploits0References1
NVD
NVD
added 2023/04/13 7:15 a.m.26 views

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message...

7.8CVSS6.7AI score0.00115EPSS
Exploits0References1
CVE
CVE
added 2023/04/04 4:46 a.m.81 views

CVE-2022-33296

CVE-2022-33296 describes memory corruption due to an integer overflow that becomes a buffer overflow in the Modem when parsing a Traffic Channel Neighbor List Update message. This affects Qualcomm modem components and is documented across multiple sources (NVD, Red Hat, CVE lists). The root cause...

7.8CVSS6.7AI score0.00115EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/04 4:46 a.m.29 views

CVE-2022-33296 Integer overflow to buffer overflow in Modem

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message...

5.9CVSS8.3AI score0.00115EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.8 views

PT-2023-13300 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to memory corruption caused by an integer overflow leading to a buffer overflow in the Modem. This occurs when the Modem is parsing a Traffic Channel Neighbor List Update...

7.8CVSS8AI score0.00115EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10966

An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table...

9.8CVSS7AI score0.02935EPSS
Exploits0References3
Kitploit
Kitploit
added 2020/05/20 12:30 p.m.60 views

Spray - A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)

A Password Spraying tool for Active Directory Credentials by Jacob WilkinGreenwolf Getting Started These instructions will show you the requirements for and how to use Spray. Prerequisites All requirements come preinstalled on Kali Linux, to run on other flavors or Mac just make sure curlowa & ly...

7.4AI score
Exploits0References6
Citrix
Citrix
added 2017/09/26 12:0 a.m.11 views

Error "Could not update master user list" while saving the LDAP Configuration on XenMobile server

Unable to save LDAP configuration and getting Error "Could not update master user list" For sample logs: 2017-08-21T09:21:30.411-0700 | 3811F15F6AE686BC | INFO | http-nio-14443-exec-11 | com.citrix.cg.identity.ldap.LdapManager | Given baseDN 'dc=domain,dc=example,dc=com'is valid:true...

7.1AI score
Exploits0
Rows per page
Query Builder