Lucene search
K

10 matches found

CNVD
CNVD
added 2025/06/17 12:0 a.m.5 views

Adobe Commerce Access Control Error Vulnerability

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An Access Control Error vulnerability exists in Adobe Commerce that stems from improper access control and can be exploited by an attacker to bypass...

6.5CVSS6.2AI score0.00442EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/16 12:0 a.m.10 views

The vulnerability of Fortinet FortiOS operating systems stems from authentication mechanism flaws, which allow attackers to gain access to device configuration details and bypass existing security measures.

The vulnerability of Fortinet FortiOS operating systems is related to deficiencies in authentication mechanisms. Exploiting this vulnerability allows a malicious actor to gain access to device configuration information and bypass existing security measures...

10CVSS5.5AI score
Exploits0References1
Veracode
Veracode
added 2024/10/10 3:11 a.m.12 views

XML External Entity (XXE)

phpoffice/phpspreadsheet is vulnerable to XML External Entity XXE. The vulnerability is due to a flawed XML encoding check in the toUtf8 function of the security scanner, allows crafted XML structures with whitespace to bypass the security measures intended to prevent XXE attacks...

7.5CVSS7.5AI score0.02859EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/08/14 11:57 a.m.31 views

CVE-2024-39419 A user without ship permissions can ship the orders

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information...

4.3CVSS0.00429EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.42 views

Rocky Linux 8 : sqlite (RLSA-2021:4396)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4396 advisory. - Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a...

8.8CVSS7.5AI score0.0825EPSS
Exploits2References11
NCSC
NCSC
added 2022/05/06 12:0 a.m.47 views

Vulnerabilities fixed in F5 products

Vulnerabilities have been fixed in products from F5, including BIG-IP and Traffix SDC. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...

9.8CVSS7.7AI score0.99956EPSS
Exploits63
myhack58
myhack58
added 2018/06/21 12:0 a.m.337 views

FLASH zero-day Vulnerability CVE-2018-5002 in the Middle East directed network attacks exploit-vulnerability warning-the black bar safety net

! Recently, ICEBRG security research team SRT identified Adobe Flash 0 day Vulnerability CVE-2018-5002-directional network attack behavior, the 0-day vulnerability is an attacker for the Middle East region, important individuals and organizations of network penetration. An attacker use the...

7.8AI score0.25353EPSS
Exploits0
Prion
Prion
added 2017/03/03 4:59 p.m.14 views

Cross site request forgery (csrf)

Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery CSRF attacks as demonstrated by editing user account information in the templates.asmx.cs file...

6.8CVSS7.2AI score0.00625EPSS
Exploits0References3Affected Software1
myhack58
myhack58
added 2011/12/09 12:0 a.m.19 views

Tech-ex Ksion CMS through the kill vulnerability-vulnerability warning-the black bar safety net

Author :seraph Through the kill version :v6 all previous versions Vulnerability file :user/UpFileSave. asp Through their own configuration parameters AutoReName=3, can be uploaded file name to save as, by truncation can be obtained directly SHELL Limited, the background to the prohibition of the...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.33 views

Debian Security Advisory DSA 089-1 (icecast-server)

The remote host is missing an update to icecast-server announced via advisory DSA 089-1. OpenVAS Vulnerability Test $Id: deb0891.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 089-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.5CVSS1.1AI score0.09628EPSS
Exploits3
Rows per page
Query Builder