Lucene search
K

12 matches found

EUVD
EUVD
added 2026/05/14 8:44 p.m.11 views

EUVD-2026-30481

PrestaShop is an open source e-commerce web application. Prior to 8.2.6 and 9.1.1, there is a stored Cross-Site Scripting XSS vulnerability in the PrestaShop back-office Customer Service view. An unauthenticated attacker can submit the public Contact Us form with a malicious email address. The...

9.3CVSS5.8AI score0.00331EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:44 p.m.7 views

CVE-2026-44212

PrestaShop is an open source e-commerce web application. Prior to 8.2.6 and 9.1.1, there is a stored Cross-Site Scripting XSS vulnerability in the PrestaShop back-office Customer Service view. An unauthenticated attacker can submit the public Contact Us form with a malicious email address. The...

9.3CVSS5.8AI score0.00331EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/16 10:34 p.m.17 views

GHSA-PR96-94W5-MX2H @fastify/static vulnerable to path traversal in directory listing

Impact @fastify/static v9.1.0 and earlier serves directory listings outside the configured static root when the list option is enabled. A request such as /public/../outside/ causes dirList.path to resolve a directory outside the root via path.join without a containment check. A remote...

5.3CVSS6AI score0.00506EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.7 views

PT-2026-33321

Name of the Vulnerable Software and Affected Versions @fastify/static versions 8.0.0 through 9.1.0 Description Path traversal occurs when directory listing is enabled via the list option. The dirList.path function resolves directories outside the configured static root using path.join without a...

5.3CVSS5.9AI score0.00506EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/09 2:27 p.m.7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom-0.8.10.tgz which is vulnerable to this CVE-2021-32796 Vulnerability Details CVEID:CVE-2021-32796 DESCRIPTION: xmldom is an open source pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParse...

6.5CVSS6.6AI score0.01347EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/23 7:23 a.m.5 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

5.3CVSS6.2AI score0.00845EPSS
Exploits1Affected Software1
CNNVD
CNNVD
added 2024/02/15 12:0 a.m.5 views

Adobe Substance 3D Painter 缓冲区错误漏洞

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe Substance 3D Painter 9.1.1 and prior versions, which stems from an out-of-bounds read while parsing a carefully crafted file, which could result in a read...

7.8CVSS7.4AI score0.00269EPSS
Exploits0References2
OSV
OSV
added 2023/08/02 1:15 a.m.3 views

CVE-2023-31926

System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0...

7.1CVSS7.2AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/01 12:0 a.m.4 views

Brocade Fabric OS Code Issue Vulnerability

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade USA. A code issue vulnerability exists in Brocade Fabric OS that stems from a security issue on the command line that allows a local user to dump files in the user's home directo...

5.5CVSS6.7AI score0.00167EPSS
Exploits0References4
Broadcom
Broadcom
added 2023/08/01 12:0 a.m.8 views

CVE-2023-31425 - Privilege escalation via the fosexec command

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and, before Brocade Fabric OS v9.1.1 could allow a local authenticated user to perform privilege escalation to root by breaking the rbash shell. Starting with Fabric OS v9.1.0, “root” account access is...

7.8CVSS7AI score0.00259EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/01/20 12:0 a.m.3 views

PT-2021-24261 · Raw-Cpuid · Raw-Cpuid

Name of the Vulnerable Software and Affected Versions: raw-cpuid crate versions prior to 9.1.1 Description: The issue arises when the non-default serialize feature is activated, allowing most structs to implement serde::Deserialize without sufficient validation. This can lead to breaking invarian...

9.8CVSS9.2AI score0.01123EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2017/07/05 12:0 a.m.6 views

PT-2017-4164 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN aka DotNetNuke versions prior to 9.1.1 Description: The issue is related to insufficient protection of cookies, which can be exploited to gain unauthorized access to protected information and execute arbitrary code. This can be achieved...

8.8CVSS9.6AI score0.94789EPSS
Exploits6References16
Rows per page
Query Builder