Lucene search
K

27 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00283EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/27 2:29 a.m.18 views

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

7.5CVSS5.7AI score0.00373EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017479 advisory. A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other...

8.2CVSS7AI score0.01152EPSS
Exploits0References4
CBLMariner
CBLMariner
added 2026/03/09 2:32 p.m.5 views

CVE-2026-25210 affecting package expat for versions less than 2.6.4-4

CVE-2026-25210 affecting package expat for versions less than 2.6.4-4. A patched version of the package is available...

7.8CVSS5.8AI score0.00193EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.8 views

CVE-2022-27949

A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed for example when they were depending on past and previous instances of the task failed. This issue affects Apache Airflow prior to 2.3.1...

7.5CVSS6.7AI score0.0168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.7 views

PT-2025-53872

Name of the Vulnerable Software and Affected Versions DesignThemes LMS Addon versions prior to and including 2.6 Description An authorization issue exists in the DesignThemes LMS Addon due to incorrectly configured access control security levels. This allows for potential exploitation of the...

8.1CVSS6.5AI score0.00219EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.5 views

PT-2025-47291

Name of the Vulnerable Software and Affected Versions METZ CONNECT EWIO2-M versions prior to 2.2.0 METZ CONNECT Ethernet-IO EWIO2-BM versions prior to 2.2.0 Description An unauthenticated remote attacker can execute arbitrary PHP files and gain full access of the affected devices. This allows...

9.8CVSS7.5AI score0.00469EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-31721

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:39 a.m.8 views

CVE-2024-31583

Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp...

7.8CVSS7.2AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:55 a.m.4 views

CVE-2023-0440

Observable Discrepancy in GitHub repository healthchecks/healthchecks prior to v2.6...

5.3CVSS5.4AI score0.0056EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.6 views

Drupal Email TFA 安全漏洞

Drupal Email TFA is a Drupal community module that provides email-based two-factor authentication functionality for Drupal. A security vulnerability exists in Drupal Email TFA versions prior to 2.0.3, which stems from weak authentication and could lead to brute force exploits...

8.8CVSS6.8AI score0.00529EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/04 12:0 a.m.5 views

PT-2024-25927 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.1 Description: The issue is related to a reachable assertion that can cause an AMF crash via NAS messages from a UE. This occurs due to improper handling of the pkbuf-len variable in the ogs nas encrypt function...

5.3CVSS6.5AI score0.00513EPSS
Exploits0References9
OSV
OSV
added 2023/11/30 8:15 a.m.6 views

CVE-2022-45135

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...

9.8CVSS5.8AI score0.01102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/13 12:0 a.m.5 views

PT-2023-27371 · Gnu +2 · Gnu Inetutils +2

Name of the Vulnerable Software and Affected Versions: GNU inetutils versions prior to 2.5 Description: The issue allows privilege escalation due to unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is relevant if the setuid system call fails when ...

7.8CVSS7.5AI score0.01657EPSS
Exploits4References35
OSV
OSV
added 2023/08/01 1:15 a.m.7 views

PYSEC-2023-280

OS Command Injection in GitHub repository mlflow/mlflow prior to 2.6.0...

7.8CVSS7.8AI score0.01195EPSS
Exploits0References3
OSV
OSV
added 2023/07/11 10:15 a.m.5 views

CVE-2022-29562

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

5.3CVSS5.7AI score0.00748EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/10 12:0 a.m.3 views

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts and product image zoom. A security vulnerability exists in PrestaShop versions prior to 2.1.3, which stems from the EU Cookie Law GDPR Banner +...

9.1CVSS8.4AI score0.02397EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/06/25 12:0 a.m.6 views

PT-2022-20528

Name of the Vulnerable Software and Affected Versions prestashop/blockwishlist versions prior to 2.1.1 Description The issue allows an authenticated customer to perform SQL injection. This can be exploited by an attacker to extract or modify sensitive data. The problem is related to the...

8.8CVSS8.8AI score0.24146EPSS
Exploits6References15
ATTACKERKB
ATTACKERKB
added 2021/09/21 3:15 p.m.3 views

CVE-2021-41525

An issue related to modification of otherwise restricted files through a locally authenticated attacker exists in FlexNet inventory agent and inventory beacon versions 2020 R2.5 and prior...

5.5CVSS6AI score0.00219EPSS
Exploits0References2
CNVD
CNVD
added 2021/06/11 12:0 a.m.13 views

ZOLL Defibrillator Dashboard Permission Mismanagement Vulnerability

ZOLL Defibrillator Dashboard is a defibrillator management tool. A mismanagement of privileges vulnerability exists in ZOLL Defibrillator Dashboard versions prior to 2.2. The vulnerability stems from the product containing insecure file system permissions. An attacker could exploit the...

7.8CVSS6.6AI score0.00231EPSS
Exploits0References1
Rows per page
Query Builder