Lucene search
+L

4 matches found

cvelist
cvelist
added 2025/10/30 9:26 p.m.7 views

CVE-2020-36858 Nagios Log Server < 2.1.6 XSS via Create User, Edit User, & Manage Host Lists Pages

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

5.1CVSS0.00466EPSS
Exploits0References2
osv
osv
added 2023/11/24 9:30 p.m.1 views

GHSA-7PVX-4585-HQWW sequelize-typescript Prototype Pollution vulnerability

Prototype Pollution in GitHub repository robinbuschmann/sequelize-typescript prior to 2.1.6...

7.5CVSS5.9AI score0.00589EPSS
Exploits1References4
osv
osv
added 2020/01/24 10:15 p.m.5 views

DEBIAN-CVE-2014-9628

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7...

7.8CVSS7.4AI score0.02162EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2016/12/31 12:0 a.m.7 views

PT-2016-3318 · Libevent +5 · Libevent +5

Name of the Vulnerable Software and Affected Versions: libevent versions prior to 2.1.6-beta Description: The issue is related to a stack-based buffer overflow in the evutil parse sockaddr port function, which can be exploited by attackers to cause a denial of service, resulting in a segmentation...

10CVSS7.8AI score0.33199EPSS
Exploits153References927
Rows per page
Query Builder