Lucene search
K

7 matches found

CVE
CVE
added 2025/01/31 1:41 a.m.128 views

CVE-2023-0092

Affects Juju controller exposure: An authenticated user with read access to the Juju controller model can construct a remote request to download an arbitrary file from the controller filesystem. The issue is due to improper access control allowing file retrieval. Remediation: upgrade Juju to 2.9....

4.9CVSS5AI score0.00617EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/04/09 6:59 p.m.65 views

CVE-2024-2311

CVE-2024-2311 affects Avada (WordPress theme) up to version 7.11.6. The vulnerability is a Stored XSS via plugin shortcodes due to insufficient input sanitization and output escaping of user-supplied shortcode attributes. Exploitation requires contributor-level or higher authentication, and affec...

6.4CVSS7.7AI score0.00688EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2024/04/04 2:57 p.m.56 views

CVE-2024-30250

Astro-Shield (KindSpells) vulnerability CVE-2024-30250 affects versions 1.2.0–1.3.1, where injecting a correct SRI attribute into code causes the injected resource to be considered legitimate by CSP, enabling bypass of cross-origin allow-lists. Root cause: the SRI hash is added to the CSP header,...

7.5CVSS7.6AI score0.0031EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2024/02/23 6:15 p.m.16 views

CAN-2004-1318

Summary of CVE-2004-1318 (Namazu): Namazu2’s namazu.cgi accepts input that is not properly sanitised, allowing a remote attacker to cause cross-site scripting (XSS). The Debian advisories (DSA-627-1) describe the flaw as unsanitised input in Namazu2, with exploitation via a crafted query, notably...

7.5AI score0.01884EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:55 p.m.20 views

CAN-2005-2655

CVE-2005-2655 affects maildrop (lockmail) where the lockmail utility does not drop group privileges before executing command-line arguments, enabling local privilege escalation for users with access to the maildrop package. Debian/DSA-791-1 notes the fix in version 1.5.3-1.1sarge1 (and later), so...

7.5AI score0.01481EPSS
Exploits0
CVE
CVE
added 2023/02/23 9:42 p.m.22 views

CVE-2019-4491

CVE-2019-4491 is an IBM MQ vulnerability where an error in the tracing functionality can be exploited to cause a denial-of-service. Connected IBM MQ advisories specify affected products and versions: IBM WebSphere MQ 7.1 (7.1.0.0–7.1.0.9), MQ 7.5 (7.5.0.0–7.5.0.9), MQ v8 (8.0.0.0–8.0.0.12), MQ v9...

7.2AI score
Exploits0
CVE
CVE
added 2022/08/04 12:45 p.m.27 views

CVE-2011-2036

Technical details for CVE-2011-2036 are not publicly available in the provided documents. Monitor for updates.

6.8AI score
Exploits0
Rows per page
Query Builder