Lucene search
K

6 matches found

Cvelist
Cvelist
added 2025/08/23 1:3 a.m.7 views

CVE-2025-43770

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated...

6.9CVSS0.00181EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/12/18 4:3 p.m.143 views

Exploit for CVE-2024-57521

Authenticated SQL Injection in RuoYi v4.7.9 Bypass of CVE-202...

10CVSS8.4AI score0.00587EPSS
Exploits4
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-3412

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the streamresolveincludepath function in ext/standard/streamsfuncs.c, as...

5.3CVSS8.7AI score0.04094EPSS
Exploits1References11
OSV
OSV
added 2023/01/27 10:11 a.m.6 views

CLSA-2023-1674814283 Fix CVE(s): CVE-2023-0049

SECURITY UPDATE: Out-of-bounds read in function buildstlstrhl - debian/patches/CVE-2023-0049: Stop reading from buffer at "%0" - CVE-2023-0049...

7.8CVSS7.2AI score0.00471EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/09/22 12:0 a.m.3 views

PT-2025-39959

Name of the Vulnerable Software and Affected Versions node-static affected versions not specified @nubosoftware/node-static affected versions not specified Description The software does not properly handle user input containing null bytes. This can allow attackers to access http://host/%00 and...

7.5CVSS6.4AI score0.00489EPSS
Exploits0References17
curl security advisories
curl security advisories
added 2018/03/14 8:0 a.m.6 views

FTP path trickery leads to NIL byte out of bounds write

curl can be fooled into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen o...

9.8CVSS7.7AI score0.12058EPSS
Exploits0Affected Software2
Rows per page
Query Builder