Lucene search
K

14 matches found

EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2025-210233

Unauthenticated Local File Inclusion in Snowy = 1.13 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Intel QAT software drivers for Windows 输入验证错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a vulnerability related to input validation. This...

6.9CVSS5.8AI score0.00099EPSS
Exploits0References1
OSV
OSV
added 2026/02/19 7:31 p.m.6 views

CVE-2026-26205 opa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in `input.parsed_path`

opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...

7.1CVSS5.7AI score0.0038EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.2 views

CVE-2025-53439 WordPress Harper theme <= 1.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Harper harper allows PHP Local File Inclusion.This issue affects Harper: from n/a through = 1.13...

8.1CVSS6.7AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:58 p.m.8 views

CVE-2022-24124

The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations...

7.5CVSS7.7AI score0.58927EPSS
Exploits9References1
Vulnrichment
Vulnrichment
added 2025/03/27 3:33 p.m.5 views

CVE-2025-22278 WordPress Whitish Lite theme <= 2.1.13 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in yudleethemes Whitish Lite allows Stored XSS.This issue affects Whitish Lite: from n/a through 2.1.13...

6.5CVSS6.5AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 1:15 p.m.3 views

CVE-2023-48334

Cross-Site Request Forgery CSRF vulnerability in DAEXT League Table allows Cross Site Request Forgery.This issue affects League Table: from n/a through 1.13...

8.8CVSS7.3AI score0.00269EPSS
Exploits0References1
OSV
OSV
added 2023/04/15 10:15 p.m.1 views

UBUNTU-CVE-2021-43612

In lldpd before 1.0.13, when decoding SONMP packets in the sonmpdecode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets...

7.5CVSS7.2AI score0.01142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.3 views

PT-2022-20449 · Sofia-Sip +4 · Sofia-Sip +4

Name of the Vulnerable Software and Affected Versions: Sofia-SIP versions prior to 1.13.8 Description: Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. An attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be...

9.8CVSS7.4AI score0.0366EPSS
Exploits5References49
OSV
OSV
added 2021/04/27 12:15 p.m.5 views

CVE-2021-27480

Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code...

9.8CVSS6.2AI score0.01269EPSS
Exploits0References1
OSV
OSV
added 2020/10/15 3:15 p.m.3 views

ALPINE-CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS6.4AI score0.01496EPSS
Exploits1References1
CNVD
CNVD
added 2020/02/25 12:0 a.m.4 views

Moxa AWK-3131A Operating System Command Injection Vulnerability (CNVD-2020-13473)

Moxa AWK-3131A is a wireless access device from Moxa. An operating system command injection vulnerability exists in the Moxa AWK-3131A using firmware version 1.13. The vulnerability can be exploited to execute arbitrary busybox commands and take control of the device with the help of specially...

9.9CVSS8.3AI score0.05364EPSS
Exploits1References1
OSV
OSV
added 2018/05/30 1:29 p.m.8 views

AZL-7380 CVE-2018-11439 affecting package taglib for versions less than 1.13.1-1

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

6.5CVSS6.4AI score0.02847EPSS
Exploits1References1
OSV
OSV
added 2018/03/26 10:15 a.m.21 views

OPENSUSE-SU-2018:0813-1 Security update for nginx

This update for nginx to version 1.13.9 fixes the following issues: - CVE-2017-7529: nginx: Integer overflow in nginx range filter module allowed memory disclosure bsc1048265 This update also contains all updates and improvements in 1.13.9 upstream release...

7.5CVSS7.5AI score0.62597EPSS
Exploits6References4
Rows per page
Query Builder