Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2007-2439

Malware in sbrugna...

7.2CVSS9AI score0.00783EPSS
Exploits0References37
Patchstack
Patchstack
added 2024/05/15 6:57 a.m.4 views

WordPress month name translation benaceur plugin < 2.3.8 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin month name translation benaceur versions 2.3.8...

4.8CVSS6.1AI score0.00352EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/05/15 6:15 a.m.4 views

CVE-2024-3634

The month name translation benaceur WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS5.8AI score0.00352EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/05/15 6:0 a.m.19 views

CVE-2024-3634 month name translation benaceur < 2.3.8 - Admin+ Stored XSS

The month name translation benaceur WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

5.5AI score0.00352EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.3 views

WordPress plugin month name translation benaceur 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

4.8CVSS6.3AI score0.00352EPSS
Exploits2References2
SUSE CVE
SUSE CVE
added 2024/02/17 3:27 a.m.4 views

SUSE CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS8AI score0.01231EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-2444

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user...

7.2CVSS7.1AI score0.00783EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.3 views

SUSE CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

7.5CVSS6.8AI score0.17108EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2021/03/05 12:0 a.m.115 views

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2021-374)

This update for java-180-openjdk fixes the following issues : - Update to version jdk8u282 icedtea 3.18.0 - January 2021 CPU bsc1181239 - Security fixes + JDK-8247619: Improve Direct Buffering of Characters CVE-2020-14803 - Import of OpenJDK 8 u282 build 01 + JDK-6962725: Regtest...

5.3CVSS6.5AI score0.03122EPSS
Exploits0References2
OSV
OSV
added 2019/01/16 8:29 p.m.1 views

DEBIAN-CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

5.9CVSS6.8AI score0.17108EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2007/05/14 9:19 p.m.34 views

CVE-2007-2444

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user...

7.2CVSS7.3AI score0.00783EPSS
Exploits0References2
NVD
NVD
added 2007/05/14 9:19 p.m.25 views

CVE-2007-2444

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user...

7.2CVSS6.5AI score0.00783EPSS
Exploits0References34
Prion
Prion
added 2007/05/14 9:19 p.m.28 views

Code injection

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user...

7.2CVSS6.7AI score0.00783EPSS
Exploits0References34Affected Software3
Samba
Samba
added 2007/05/14 12:0 a.m.75 views

Local SID/Name translation bug can result

Description When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user. The user is then able to temporarily issue SMB/CIFS protocol...

7.2CVSS8.3AI score0.00783EPSS
Exploits0
Rows per page
Query Builder