Lucene search
K

212 matches found

VulnCheck KEV
VulnCheck KEV
added 2023/12/04 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-39026

Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component...

7.5CVSS7.1AI score0.10562EPSS
Exploits4References1
0day.today
0day.today
added 2023/11/20 12:0 a.m.537 views

Jorani Leave Management System 1.0.2 Host Header Injection Vulnerability

Exploit Title: Jorani Leave Management System v1.0.2 Host Header Attack Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://jorani.org/ Software Link: https://github.com/bbalet/jorani/releases/download/v1.0.2/jorani-1.0.2.zip Version: v1.0.2 Tested on: Windows 10,...

5.3CVSS7.5AI score0.00757EPSS
Exploits3
NVD
NVD
added 2023/09/27 3:19 p.m.9 views

CVE-2023-4262

Rejected reason: User data field is not attacker controlled...

6.5AI score
Exploits0
Prion
Prion
added 2023/09/27 3:19 p.m.13 views

Buffer overflow

Possible buffer overflow in Zephyr mgmt subsystem when asserts are disabled...

7.5CVSS9.5AI score
Exploits0References4Affected Software1
CVE
CVE
added 2023/09/26 6:19 p.m.40 views

CVE-2023-4262

CVE-2023-4262 is associated with a potential buffer overflow in Zephyr’s management subsystem when asserts are disabled (reported by PT-2023-28454). The connected Veracode record cites a buffer overflow in libzephyr.so caused by the CLFS driver, suggesting the attacker could trigger via a special...

9.5AI score
Exploits0
Cvelist
Cvelist
added 2023/09/26 6:19 p.m.18 views

CVE-2023-4262

...

9.8AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2023/09/23 7:0 a.m.2 views

Linux Kernel BlueZ mgmt-tester.c read_50_controller_cap_complete null pointer dereference

...

5.7CVSS6.6AI score0.00409EPSS
Exploits0
Cvelist
Cvelist
added 2023/09/08 12:0 a.m.26 views

CVE-2023-41575

Multiple stored cross-site scripting XSS vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters...

5.6AI score0.00429EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.14 views

Cisco Unified Computing System Fabric Interconnect root Privilege Escalation (CVE-2019-1966)

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

7.8CVSS7.5AI score0.00352EPSS
Exploits0References2
NVD
NVD
added 2023/05/14 9:15 a.m.16 views

CVE-2023-2692

A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/roominfo.php of the component GET Parameter Handler. The manipulation of the argument name leads to cro...

6.1CVSS4.5AI score0.00613EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.2 views

kernel: RDMA/core: Fix null-ptr-deref in ib_core_cleanup()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CPU: 1 PID: 379 Hardware name: QEMU Standard PC i440FX + PIIX, 1996 RIP:...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References5
Prion
Prion
added 2023/04/14 2:15 a.m.16 views

Sql injection

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php...

7.5CVSS9.9AI score0.01657EPSS
Exploits1References2Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:45 p.m.28 views

K15229: BIG-IQ / BIG-IP privilege escalation vulnerability CVE-2014-3220

Security Advisory Description F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/authz/users/. CVE-2014-3220 Impact An authenticated user with limited...

9CVSS6.8AI score0.11003EPSS
Exploits1Affected Software15
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.3 views

SUSE CVE-2019-19071

A memory leak in the rsisendbeacon function in drivers/net/wireless/rsi/rsi91xmgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering rsipreparebeacon failures, aka CID-d563131ef23c...

5.9CVSS6.7AI score0.03836EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:31 a.m.3 views

SUSE CVE-2022-3563

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read50controllercapcomplete of the file tools/mgmt-tester.c of the component BlueZ. The manipulation of the argument caplen leads to null pointer dereference. It is recommended to apply a patch to f...

5.3CVSS8.1AI score0.00409EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/02 8:16 a.m.26 views

CVE-2023-0641 PHPGurukul Employee Leaves Management System changepassword.php weak password

A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password...

3.7CVSS9.4AI score0.01005EPSS
Exploits1References3
OSV
OSV
added 2023/01/26 5:28 p.m.6 views

SUSE-SU-2023:0167-1 Security update for bluez

This update for bluez fixes the following issues: - CVE-2022-3563: Fixed a potential crash in the mgmt-tester tool bsc1204426...

5.7CVSS5.6AI score0.00409EPSS
Exploits0References3
NVD
NVD
added 2023/01/13 7:15 p.m.31 views

CVE-2022-48090

Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php...

6.5CVSS6.9AI score0.0071EPSS
Exploits1References1
NVD
NVD
added 2023/01/13 7:15 p.m.29 views

CVE-2022-48091

Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...

5.4CVSS5.3AI score0.00447EPSS
Exploits1References1
Prion
Prion
added 2023/01/13 7:15 p.m.14 views

Cross site scripting

Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting XSS via processupdateprofile.php...

4.9CVSS5.3AI score0.00447EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder