Lucene search
K

36 matches found

Kaspersky
Kaspersky
added 2025/10/14 12:0 a.m.9 views

KLA89270 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...

8.2CVSS7.3AI score0.00711EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-3744

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the createpbuf function in btif/src/btifhh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before...

7.5CVSS7.7AI score0.00357EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-6211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a...

8.8CVSS7.9AI score0.02531EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.7 views

PT-2024-20280 · Ruijie · Ruijie Rg-Nbs2009G-P Rgos

Name of the Vulnerable Software and Affected Versions: Ruijie RG-NBS2009G-P RGOS version 10.41P2 Release 9736 Description: The issue allows a remote attacker to gain privileges via the login check state component. This is due to an Insecure Permissions vulnerability. A remote attacker can exploit...

9.8CVSS7.5AI score0.00639EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.5 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Graphics component in Windows operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS5.4AI score0.01749EPSS
Exploits0References3
OSV
OSV
added 2023/11/14 4:15 a.m.6 views

CVE-2023-42327

Cross Site Scripting XSS vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page...

5.4CVSS5.8AI score0.55356EPSS
Exploits1References2
OSV
OSV
added 2023/11/14 4:15 a.m.6 views

CVE-2023-42325

Cross Site Scripting XSS vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the statuslogsfilterdynamic.php page...

5.4CVSS5.8AI score0.57918EPSS
Exploits1References2
OSV
OSV
added 2023/10/31 4:15 a.m.3 views

CVE-2023-27846

SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial...

9.8CVSS7.3AI score0.00601EPSS
Exploits0References1
OSV
OSV
added 2023/08/03 5:15 p.m.2 views

CVE-2023-36213

SQL injection vulnerability in MotoCMS v.3.4.3 allows a remote attacker to gain privileges via the keyword parameter of the search function...

9.8CVSS5.9AI score0.01091EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/08/03 1:15 a.m.2 views

CVE-2023-36082

An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials...

9.8CVSS5.5AI score0.0097EPSS
Exploits1References4
OSV
OSV
added 2023/03/24 10:15 p.m.4 views

CVE-2023-26864

SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromPartscomponent...

9.8CVSS7.3AI score0.01194EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.5 views

PT-2022-18506 · Sick · Sick Sim2000St

Name of the Vulnerable Software and Affected Versions: SICK SIM2000ST versions =1.7.0 Description: A password recovery issue allows an unprivileged remote attacker to invoke the password recovery mechanism method, gaining access to the user level defined as RecoverableUserLevel. This results in...

9.8CVSS9.3AI score0.01235EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/06/28 12:0 a.m.6 views

The vulnerability of Emerson DeltaV industrial workstations, related to the use of cryptographic algorithms containing defects, allows attackers to exploit their privileges.

The vulnerability of Emerson DeltaV industrial workstations lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

9CVSS5.5AI score0.00228EPSS
Exploits0References2
OSV
OSV
added 2021/12/28 12:15 p.m.4 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

6.5CVSS6.7AI score0.00843EPSS
Exploits0References2
CVE
CVE
added 2021/12/28 11:59 a.m.51 views

CVE-2021-40579

The CVE-2021-40579 entry concerns the PayPal Free Source Code Online Enrollment Management System in PHP (version 1.0) and related components, affected by Incorrect Access Control. The underlying impact is remote privilege gain through improper privilege validation when obtaining PHP and PayPal F...

6.5CVSS6.8AI score0.00843EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/05/11 7:15 p.m.4 views

CVE-2020-18964

Cross Site Request Forgery CSRF Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges...

8.8CVSS7.3AI score0.00554EPSS
Exploits1References1
NVD
NVD
added 2021/04/13 6:15 a.m.15 views

CVE-2021-29054

Certain Papoo products are affected by: Cross Site Request Forgery CSRF in the admin interface. This affects Papoo CMS Light through 21.02 and Papoo CMS Pro through 6.0.1. The impact is: gain privileges remote...

8.8CVSS0.00783EPSS
Exploits0References3
OSV
OSV
added 2021/02/05 2:15 p.m.4 views

CVE-2020-18714

SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function...

9.8CVSS7.4AI score0.01317EPSS
Exploits1References1
CVE
CVE
added 2021/01/26 5:15 p.m.40 views

CVE-2020-23448

This CVE concerns the NewBee-Mall application where all versions are affected by an incorrect access control flaw in AdminLoginInterceptor.java that allows bypassing authentication for the /admin area, enabling privilege escalation. The root cause is the bypass of the system’s authentication logi...

9.8CVSS9.6AI score0.01577EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/01/26 5:15 p.m.25 views

CVE-2020-23448

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed...

9.8AI score0.01577EPSS
Exploits1References1
Rows per page
Query Builder