Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.7 views

CVE-2026-43891

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.11 views

Nginx UI 安全漏洞

Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI prior to 2.3.4 contained security vulnerabilities. These vulnerabilities stemmed from the backup and restoration mechanism, which allowed attackers to tamper with encrypted backup archives and inject malicious...

9.4CVSS6AI score0.00328EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/01/28 12:33 a.m.5 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe soft-RoCE driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue eleme...

5.5CVSS7.2AI score0.00146EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/11 12:0 a.m.8 views

The vulnerability of the SetSmartQoSSettings.php script in D-Link DIR-846 router software allows a hacker to execute arbitrary commands.

The vulnerability of the SetSmartQoSSettings.php script of the D-Link DIR-846 router operating system is related to the restoration of unreliable data in memory due to the failure to eliminate certain elements during the processing of parameters smartqoosexpressdevices and smartqoosnormaldevices...

9CVSS8.1AI score0.02347EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.9 views

The vulnerability of the executable file FTSSBackupRestore.exe of the FactoryTalk Policy Manager and FactoryTalk System Services software allows a perpetrator to upload malicious configuration files.

The vulnerability of the executable file FTSSBackupRestore.exe from the manufacturing process management software FactoryTalk Policy Manager and the FactoryTalk System Services system service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow...

5.9CVSS5.8AI score0.00197EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/10/31 12:0 a.m.8 views

The vulnerability of the Drools business rule management system lies in the ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Drools business rules management system is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.8CVSS7.1AI score0.01044EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/10/21 12:0 a.m.9 views

The vulnerability of the virtual learning environment Moodle, related to the restoration of unreliable data in memory, allows a perpetrator to execute arbitrary code.

The vulnerability in the virtual training environment Moodle is related to the insecure input verification during the restoration of backup files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading the restored file...

10CVSS6.7AI score0.0159EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.9 views

The vulnerability of the JMX data management platform of Apache Geode allows an attacker to execute arbitrary code.

The vulnerability of the JMX data management platform of Apache Geode involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.01274EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/04 12:0 a.m.7 views

The vulnerability of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the confidentiality,...

9.3CVSS7.1AI score0.05018EPSS
Exploits2References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/06/04 12:0 a.m.7 views

The vulnerability of the oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...

9.3CVSS7.1AI score0.20929EPSS
Exploits2References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/12 12:0 a.m.10 views

The vulnerability of the Apache OFBiz resource planning software lies in its ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Apache OFBiz’s resource planning software lies in its ability to restore unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...

9CVSS8.5AI score0.5537EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.6 views

The vulnerability of the org.apache.activemq component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.apache.activemq component in the Jackson-databind library of the FasterXML project relates to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protect...

9.3CVSS7.4AI score0.03489EPSS
Exploits0References10Affected Software30
RedHat Linux
RedHat Linux
added 2008/12/17 1:31 a.m.17 views

Firefox XSS vulnerabilities in SessionStore

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...

4.3CVSS5.7AI score0.01784EPSS
Exploits0References4
Rows per page
Query Builder