
16 matches found

CNNVD
added 2026/03/19 12:0 a.m. | 8 views

IBM QRadar SIEM Security Vulnerability

IBM QRadar SIEM is a solution developed by the American multinational company IBM, designed to protect assets and information from advanced threats using security intelligence. This solution provides features such as monitoring across the entire IT infrastructure and generating detailed reports o...

CVSS 5 | AI score 5.8 | EPSS 0.0018
Exploits: 0 | References: 2

Cvelist
added 2026/02/26 1:24 a.m. | 20 views

CVE-2026-2506 EM Cost Calculator <= 2.3.1 - Unauthenticated Stored Cross-Site Scripting via 'customer_name'

The EM Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to the plugin storing attacker-controlled 'customer_name' data and rendering it in the admin customer list without output escaping. This makes it possible f...

CVSS 6.1 | EPSS 0.00215
Exploits: 0 | References: 5

ATTACKERKB
added 2026/02/26 1:24 a.m. | 5 views

CVE-2026-2506

The EM Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to the plugin storing attacker-controlled 'customer_name' data and rendering it in the admin customer list without output escaping. This makes it possible f...

CVSS 6.1 | AI score 5.6 | EPSS 0.00215
Exploits: 0 | References: 6

EUVD
added 2025/12/02 12:37 a.m. | 3 views

EUVD-2025-200098

Grav Admin Plugin is vulnerable to Cross-Site Scripting (XSS), Stored: endpoint /admin/accounts/groups/group, parameter datareadableName...

CVSS 6.2 | AI score 5.4 | EPSS 0.00182
Exploits: 1 | References: 3

Redos
added 2025/09/23 12:0 a.m. | 2 views

ROS-20250923-19

A vulnerability in the Zabbix universal monitoring system is related to insufficient sanitization of user data transmitted via the "Visible Name" field during automatic host deletion. Exploitation of the vulnerability could allow ...

CVSS 7.5 | AI score 7.7 | EPSS 0.01188
Exploits: 0

RedhatCVE
added 2025/09/06 11:25 a.m. | 5 views

CVE-2025-41038

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataGroupname' parameter in /apprain/admin/managegroup/add/...

CVSS 5.4 | AI score 6.1 | EPSS 0.00197
Exploits: 0 | References: 1

Microsoft CVE
added 2024/01/30 8:0 a.m. | 5 views

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

...

CVSS 7.8 | AI score 7.3 | EPSS 0.00252
Exploits: 0

RedhatCVE
added 2024/01/24 2:55 p.m. | 191 views

CVE-2024-22705

A vulnerability was found in ksmbd in the Linux kernel's smb2_get_data_area_len in fs/smb/server/smb2misc. This flaw allows an attacker to cause an smb_strndup_from_utf16 out-of-bounds access due to mishandling the relationship between Name data and CreateContexts data...

CVSS 7.8 | AI score 7.1 | EPSS 0.00252
Exploits: 0 | References: 4

NVD
added 2024/01/23 11:15 a.m. | 22 views

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVSS 7.8 | AI score 7.4 | EPSS 0.00252
Exploits: 0 | References: 2

OSV
added 2024/01/23 11:15 a.m. | 3 views

UBUNTU-CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVSS 7.8 | AI score 6.8 | EPSS 0.00252
Exploits: 0 | References: 9

Cvelist
added 2024/01/23 12:0 a.m. | 30 views

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

AI score 7.6 | EPSS 0.00252
Exploits: 0 | References: 2

UbuntuCve
added 2024/01/23 12:0 a.m. | 36 views

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVSS 7.8 | AI score 6.8 | EPSS 0.00252
Exploits: 0 | References: 8

Debian CVE
added 2024/01/23 12:0 a.m. | 36 views

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVSS 7.8 | AI score 7.8 | EPSS 0.00252
Exploits: 0

OSV
added 2021/12/15 7:15 p.m. | 3 views

CVE-2021-0997

In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java, there is a possible APN disclosure due to log information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

CVSS 5.5 | AI score 5.9 | EPSS 0.00111
Exploits: 0 | References: 1

CNVD
added 2017/03/21 12:0 a.m. | 2 views

My NJ Client APP has parallel override access vulnerability

My Nanjing Client APP is a city-level public service mobile application that integrates all kinds of living information in Nanjing. My Nanjing Client APP has a parallel override access vulnerability, allowing an attacker to access all the real-name registered user and enterprise information and...

AI score 6.6
Exploits: 0

erpscan
added 2015/02/18 12:0 a.m. | 37 views

SAP Afaria - Stored XSS

Application: SAP Afaria 7; Vendor URL: http://www.sap.com; Bugs: XSS; Reported: 18.02.2015; Vendor response: 18.02.2015; Date of Public Advisory: 11.08.2015; Reference: SAP Security Note 2152669; Authors: Dmitry Chastukhin (ERPScan). Vulnerability information: Class: XML External Entity CWE-79; Impact: Store...

CVSS 4.3 | AI score 0.6 | EPSS 0.01273
Exploits: 1