
8 matches found

Tenable Nessus
added 2025/05/07 12:0 a.m., 3 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : CarrierWave vulnerabilities (USN-7497-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7497-1 advisory. Rikita Ishikawa discovered that CarrierWave did not correctly sanitize certain inputs. An attacker could possibly use...

CVSS 8.8 | AI score 7.3 | EPSS 0.12678
Exploits: 1 | References: 3

RedhatCVE
added 2025/03/13 4:58 p.m., 8 views

CVE-2025-27392

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device...

CVSS 8.6 | AI score 7.6 | EPSS 0.00666
Exploits: 0 | References: 1

Vulnrichment
added 2025/01/28 7:1 p.m., 4 views

CVE-2025-24480 FactoryTalk® View Machine Edition - Remote Code Execution

A Remote Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to lack of input sanitation and could allow a remote attacker to run commands or code as a high privileged user...

CVSS 9.3 | AI score 7.3 | EPSS 0.00715
Exploits: 0 | References: 1

Positive Technologies
added 2022/10/10 12:0 a.m., 2 views

PT-2022-21147 · WordPress · Advanced Comment Form

Name of the Vulnerable Software and Affected Versions: Advanced Comment Form WordPress plugin versions prior to 1.2.1 Description: The issue allows high privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and...

CVSS 4.8 | AI score 4.6 | EPSS 0.0047
Exploits: 2 | References: 3

OSV
added 2022/02/18 10:45 a.m., 6 views

SUSE-SU-2022:0509-1 Security update for cobbler

This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files bsc1193671. - CVE-2021-45082: Fixed incomplete template sanitation bsc1193678. The following non-security bugs were fixed: - Fix issues with installation module logging and validation...

CVSS 7.8 | AI score 7.1 | EPSS 0.00495
Exploits: 1 | References: 10

Exploit DB
added 2005/11/30 12:0 a.m., 35 views

Instant Photo Gallery 1.0 - 'portfolio.php?cat_id' SQL Injection

source: https://www.securityfocus.com/bid/15659/info Instant Photo Gallery is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...

AI score 7.4
Exploits: 0

OSV
added 2005/01/21 12:0 a.m., 24 views

DSA-654-1 enscript - several

Bulletin has no description...

CVSS 7.5 | AI score 7.3 | EPSS 0.04476
Exploits: 0

securityvulns
added 2002/08/12 12:0 a.m., 22 views

Cross-Site Scripting Issues in Falcon Web Server

From Developer: "Falcon Web Server is running under Windows NT/2000/XP as well as Windows 95/98. It supports ISAPI and WinCGI, and it is a fully functional web server which is capable of running a small / medium scale website of about 50-80 hits per minute. The real advantage of Falcon Web Server...

AI score 6.3
Exploits: 0