Lucene search
K

6 matches found

CNNVD
CNNVD
added 2022/07/07 12:0 a.m.4 views

Eclipse Jetty 安全漏洞

Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty that originates from an invalid HTTP/2 request that could result in a denial of service and affects the following products and versions:...

7.5CVSS7.2AI score0.0227EPSS
Exploits0References15
CNVD
CNVD
added 2020/05/06 12:0 a.m.4 views

Teclib GLPI Cross-Site Scripting Vulnerability (CNVD-2020-32422)

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A cross-site scripting vulnerability exists in Knowledge base in Teclib GLPI...

7.6CVSS6.3AI score0.00804EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.6 views

Teclib GLPI SQL Injection Vulnerability

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A SQL injection vulnerability exists in Teclib GLPI versions prior to 9.4.6...

7.6CVSS8.5AI score0.01015EPSS
Exploits0References1
OSV
OSV
added 2020/05/05 10:15 p.m.2 views

UBUNTU-CVE-2020-11034

In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6...

6.1CVSS5.8AI score0.07608EPSS
Exploits0References3
OSV
OSV
added 2020/05/05 10:15 p.m.3 views

UBUNTU-CVE-2020-11036

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "alert1" reproduces the attack. This can be exploited by a user with administrator privileges i...

7.6CVSS5.8AI score0.00804EPSS
Exploits1References3
OSV
OSV
added 2020/05/05 9:15 p.m.4 views

UBUNTU-CVE-2020-11032

In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6...

7.6CVSS7.1AI score0.01015EPSS
Exploits0References3
Rows per page
Query Builder