Lucene search
+L

44 matches found

NVD
NVD
added 2025/07/15 8:15 p.m.3 views

CVE-2025-50086

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS0.00517EPSS
Exploits0References1
CVE
CVE
added 2025/06/29 6:0 a.m.24 views

CVE-2025-6848

The CVE-2025-6848 entry concerns code-projects Simple Forum 1.0. Multiple connected sources specify a vulnerability in the processing of the File argument in /forum1.php that allows unrestricted file uploads. The root cause is an inadequate validation/handling of uploaded files, enabling a remote...

8.8CVSS7.2AI score0.00308EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.7 views

CVE-2024-20361

A vulnerability in the Object Groups for Access Control Lists ACLs feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense FTD Software. This...

5.8CVSS7.2AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:51 p.m.6 views

CVE-2021-34543

The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...

7.5CVSS7.3AI score0.02934EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:39 p.m.15 views

CVE-2002-2369

Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL...

5CVSS7.1AI score0.01218EPSS
Exploits0References1
CVE
CVE
added 2025/04/10 2:4 a.m.112 views

CVE-2025-27690

Dell PowerScale OneFS contains a default-password vulnerability affecting versions 9.5.0.0–9.10.1.0. An unauthenticated remote attacker could potentially take over a high-privilege account due to use of default credentials. The issue is documented with a CVSSv3.1 base score of 9.8 (CRITICAL) and ...

9.8CVSS7.2AI score0.00472EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/03/17 4:45 p.m.63 views

CVE-2024-48013

CVE-2024-48013 affects Dell SmartFabric OS10 Software (versions 10.5.4.x–10.6.0.x). The issue is an Execution with Unnecessary Privileges vulnerability that allows a low-privileged, remote attacker to achieve Elevation of Privileges. According to the available documents, the exploitation status i...

8.8CVSS7.1AI score0.00647EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2016-8884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference by calling the...

5.5CVSS6.9AI score0.02281EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.7 views

The vulnerability of the Security component of the Oracle Retail Xstore Office software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Security component of the Oracle Retail Xstore Office software relates to the disclosure of information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

8.6CVSS7.7AI score0.01783EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/19 12:0 a.m.9 views

The vulnerability of TP-Link Tether and TP-Link Tapo network device management and configuration software is related to errors in the certificate validation process, allowing attackers to perform a “Man-in-the-Middle” attack.

The vulnerability of TP-Link Tether and TP-Link Tapo network device management and configuration software is related to errors in the certificate validation process. Exploiting this vulnerability can allow a remote attacker to perform a Man-in-the-Middle MITM attack...

4.8CVSS5.6AI score0.00217EPSS
Exploits0References5Affected Software2
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.5 views

PT-2023-6169

Name of the Vulnerable Software and Affected Versions Sangfor Next-Gen Application Firewall version NGAF8.0.17 Description The issue is related to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP PO...

10CVSS7.5AI score0.65799EPSS
Exploits2References8
BDU FSTEC
BDU FSTEC
added 2023/01/31 12:0 a.m.6 views

The vulnerability of the configuration of the microprogramming software for the PowerStore T OS allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the configuration of the microprogramming software for PowerStore T OS is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the confidentiality and integrity of the protected...

7CVSS7.7AI score0.00623EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2022/03/22 12:30 p.m.3 views

mysql: InnoDB unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.4CVSS7.3AI score0.02956EPSS
Exploits0References4
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-630

2.630 Multiple Vulnerabilities in Moodle 1. Vulnerability description: The vulnerability discovered allows a remote attacker to perform cross-site scripting XSS attacks. The vulnerability allows a remote user to gain unauthorized access to other restricted features. Vulnerability allows a remote...

7.7AI score
Exploits0
OSV
OSV
added 2020/08/05 2:15 p.m.6 views

CVE-2020-5608

CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered...

9.8CVSS7.4AI score0.01587EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/02/05 12:0 a.m.2 views

The vulnerability of the InnoDB component of the MySQL Database Server management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the application to become unresponsive or to crash. This occurs through the use of...

6.8CVSS6.8AI score0.03716EPSS
Exploits0References4Affected Software6
CNVD
CNVD
added 2018/10/17 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Outside In Technology Component (CNVD-2019-28224)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. A securi...

7.1CVSS8AI score0.01466EPSS
Exploits0References1
OSV
OSV
added 2018/03/26 10:37 p.m.7 views

SUSE-SU-2018:0822-1 Security update for librelp

This update for librelp fixes the following issues: CVE-2018-1000140 bsc1086730: librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509...

9.8CVSS9.5AI score0.09662EPSS
Exploits1References3
CNVD
CNVD
added 2017/09/15 12:0 a.m.5 views

Wordpress plugin image-gallery-with-slideshow 'imgid' parameter SQL injection vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the Wordpress plugin image-gallery-with-slideshow. A remote attacker can exploit the...

9.8CVSS8.5AI score0.02907EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2015/05/18 3:59 p.m.3 views

CVE-2014-8384

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...

9.4CVSS5.7AI score0.03235EPSS
Exploits3References4
Rows per page
Query Builder