
13 matches found

Positive Technologies
added 2025/11/06 12:0 a.m. · 4 views

PT-2025-45180

Name of the Vulnerable Software and Affected Versions: Better Find and Replace – AI-Powered Suggestions plugin for WordPress versions through 1.7.7 Description: The software is susceptible to unauthorized API usage because of a missing capability check within the rtafar ajax function. This allows...

CVSS 4.3 · AI score 6.3 · EPSS 0.00195
Exploits 0 · References 6
Positive Technologies
added 2025/08/11 12:0 a.m. · 4 views

PT-2025-32565 · Abb · Abb Aspect

Name of the Vulnerable Software and Affected Versions: ABB Aspect versions prior to 3.08.04-s01 Description: An authorization bypass exists due to a user-controlled key. Recommendations: Update ABB Aspect to version 3.08.04-s01 or later...

CVSS 7 · AI score 7.2
Exploits 0 · References 4
Positive Technologies
added 2025/02/21 12:0 a.m. · 4 views

PT-2025-10140 · Crates.Io · Resolve

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The software's GitHub repository has been archived with no commits for seven years, and the latest release on crates.io is also seven years old. Recommendations: At the moment, there is no...

AI score 7
Exploits 0 · References 4
RedhatCVE
added 2025/02/05 12:50 a.m. · 7 views

CVE-2024-37063

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliciously crafted report is viewed in the browser...

CVSS 7.8 · AI score 5.7 · EPSS 0.00321
Exploits 0
Github Security Blog
added 2024/06/04 12:31 p.m. · 16 views

ydata unsafe deserialization

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted report to run arbitrary code on an end user's system when loaded...

CVSS 7.8 · AI score 7.7 · EPSS 0.00239
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2021/05/07 12:0 a.m. · 6 views

PT-2021-11666 · Atlassian · Confluence

Name of the Vulnerable Software and Affected Versions: Confluence Server versions prior to 7.4.8; Confluence Server versions 7.5.0 through 7.10.9 Description: The issue allows attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars...

CVSS 4.3 · AI score 7.2 · EPSS 0.01201
Exploits 0 · References 7
phpMyAdmin
added 2018/12/07 12:0 a.m. · 63 views

XSRF/CSRF vulnerability in phpMyAdmin

PMASA-2018-7 Announcement-ID: PMASA-2018-7 Date: 2018-12-07 Summary: XSRF/CSRF vulnerability in phpMyAdmin Description: By deceiving a user to click on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages,...

CVSS 8.8 · AI score 7.6 · EPSS 0.01065
Exploits 0 · Affected Software 1
OpenVAS
added 2017/08/25 12:0 a.m. · 480 views

HP Integrated Lights-Out (iLO) 4 Multiple Remote Vulnerabilities

HP Integrated Lights-Out (iLO) 4 is prone to multiple remote vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 10 · AI score 9.5 · EPSS 0.99335
Exploits 9 · References 1
seebug.org
added 2007/09/22 12:0 a.m. · 33 views

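OpenSSH X11 Cookie local authentication bypass vulnerability

OpenSSH 4.6.x and earlier versions allow a local attacker to bypass authentication and gain access, because trusted and untrusted X11 cookies are not handled correctly; a local attacker can exploit this weakness to bypass authentication and gain access. UNIX: upgrade to OpenSSH 4.7 or the latest version of OpenSSH. OpenSSH Homepage http://www.openssh.com/ . OpenSSH release 4.7 http://www.openssh.com/txt/release-4.7...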

AI score 7.1
Exploits 0
Tenable Nessus
added 2007/06/14 12:0 a.m. · 13 views

Fedora Core 5 : iscsi-initiator-utils-5.2.0.865-0.0.fc5 (2007-589)

This update to iscsi-initiator-utils is a rebase to the upstream open-iscsi-2.0-865 release. This release includes two security fixes (which are described here: https://bugzilla.redhat.com/bugzilla/showbug.cgi?id=243719 ), bug fixes and new features. The tools in this release use a different db format...

AI score 5.5
Exploits 0 · References 2
OpenVAS
added 2005/11/03 12:0 a.m. · 34 views

mod_ssl hook functions format string vulnerability

The remote host is using a vulnerable version of mod_ssl which is older than 2.8.19. There is a format string condition in the log functions of the remote module which may allow an attacker to execute arbitrary code on the remote host. Some vendors patched older versions of mod_ssl, so this might b...

CVSS 7.5 · AI score 0.5 · EPSS 0.05802
Exploits 0
OpenVAS
added 2005/11/03 12:0 a.m. · 10 views

Opera skin zip file buffer overflow vulnerability

The remote host is using Opera - an alternative web browser. This version is vulnerable to a security weakness. A problem has been identified in the handling of zipped skin files by Opera. Because of this, it may be possible for an attacker to gain unauthorized access to a system using the...

AI score 0.3
Exploits 0
OpenVAS
added 2005/11/03 12:0 a.m. · 33 views

Bugzilla remote arbitrary command execution

The remote Bugzilla bug tracking system, according to its version number, is vulnerable to arbitrary command execution flaws due to a lack of sanitization of user-supplied data in processbug.cgi. OpenVAS Vulnerability Test $Id: bugzillaremoteexec.nasl 8023 2017-12-07 08:36:26Z teissa $ Descriptio...

CVSS 7.5 · AI score 0.6 · EPSS 0.03132
Exploits 0