
94 matches found

Debian CVE
added 2019/07/05 12:53 a.m., 35 views

CVE-2019-13309

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c...

CVSS 6.5, AI score 7.2, EPSS 0.02696
Exploits: 1
NVD
added 2019/06/28 4:15 p.m., 17 views

CVE-2019-9846

RockOA 1.8.7 allows remote attackers to obtain sensitive information because the webmain/webmainAction.php publictreestore method constructs a SQL WHERE clause unsafely by using the pidfields and idfields parameters, aka background SQL injection...

CVSS 8.8, AI score 8.8, EPSS 0.01706
Exploits: 1, References: 1
Cvelist
added 2019/04/25 5:22 p.m., 17 views

CVE-2019-9139

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVSS 7.8, AI score 8, EPSS 0.01313
Exploits: 0, References: 1
Openbugbounty
added 2019/01/03 5:37 p.m., 11 views

rockmaplenursery.com XSS vulnerability

Open Bug Bounty ID: OBB-719632

| Description | Value |
|---|---|
| Affected Website: | rockmaplenursery.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | hidden until disclosure |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | ... |

AI score 0.1
Exploits: 0
Hacker One
added 2019/01/01 4:18 p.m., 8 views

RATELIMITED: Cross Site Request Forgery in auth in https://auth.ratelimited.me/

Hi there i found a vulnerable post that an attacker can execute csrf into the victim. Steps to reproduce: 1º login into your account and with burp on intercept the request off update profile. csrf1.jpg 2º Send the post request to the generator csrf poc and alter the details. history.pushState'',...

AI score 0.7
Exploits: 0
NVD
added 2018/11/27 4:29 p.m., 20 views

CVE-2018-11995

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image...

CVSS 7.8, AI score 8.1, EPSS 0.00202
Exploits: 0, References: 3
Openbugbounty
added 2018/11/07 5:16 p.m., 16 views

email.windstreambusiness.com XSS vulnerability

Open Bug Bounty ID: OBB-695765

| Description | Value |
|---|---|
| Affected Website: | email.windstreambusiness.com |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0
NVD
added 2018/07/09 6:29 a.m., 12 views

CVE-2018-13680

The mintToken function of a smart contract implementation for LexitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

CVSS 7.5, AI score 7.7, EPSS 0.01094
Exploits: 1, References: 2
Openbugbounty
added 2018/06/08 2:25 p.m., 11 views

edificio-saojoao2.empreendimentos.com.pt XSS vulnerability

Open Bug Bounty ID: OBB-629206

| Description | Value |
|---|---|
| Affected Website: | edificio-saojoao2.empreendimentos.com.pt |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3... | |

Exploits: 0
NVD
added 2018/05/31 12:29 a.m., 19 views

CVE-2018-11578

GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault...

CVSS 6.5, AI score 6.5, EPSS 0.01017
Exploits: 1, References: 2
Openbugbounty
added 2018/01/03 4:58 p.m., 26 views

203.142.76.24 XSS vulnerability

Open Bug Bounty ID: OBB-483726

| Description | Value |
|---|---|
| Affected Website: | 203.142.76.24 |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Disclosure Standard: | Coordinated Disclosure based... |

AI score 6.4
Exploits: 0
Hacker One
added 2017/12/26 9:25 a.m., 20 views

Concrete CMS: Stored XSS on Add Calendar

Greetings, There is no soup like crayons soup with vegetables. Hello @Concrete5 Team. Like my last report 300532 I found other Stored XSS vulnerability in your nice CMS. If you don't mind I will omit what Stored - XSS is and its description, hope everything is fine in your side about that :. The...

AI score 6.1
Exploits: 0
Openbugbounty
added 2017/02/23 9:8 p.m., 12 views

stpaulsbarton.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-215081

| Description | Value |
|---|---|
| Affected Website: | stpaulsbarton.co.uk |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

AI score 6.3
Exploits: 0
Debian CVE
added 2017/01/19 8:0 p.m., 34 views

CVE-2016-7793

sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL...

CVSS 8.8, AI score 8.9, EPSS 0.03259
Exploits: 0
Debian CVE
added 2016/11/23 3:0 p.m., 27 views

CVE-2016-1248

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened...

CVSS 7.8, AI score 6.9, EPSS 0.25314
Exploits: 2
Hacker One
added 2016/11/22 12:6 a.m., 21 views

U.S. Dept Of Defense: Local File Inclusion vulnerability on an Army system allows downloading local files

A misconfigured Army website may have allowed unauthorized users to remotely download local files, potentially revealing sensitive system or user information. Nahamsec was able to demonstrate this vulnerability by crafting a particularly formatted URL. Thanks Nahamsec!...

AI score 1.7
Exploits: 0
Openbugbounty
added 2016/09/09 9:36 a.m., 10 views

progressiverecruitment.com XSS vulnerability

Vulnerable URL: http://www.progressiverecruitment.com/nl/job-search

Details:

| Description | Value |
|---|---|
| Patched: | No |
| Latest check for patch: | 30.07.2017 |
| Vulnerability type: | XSS |
| Vulnerability status: | Publicly disclosed |
| Alexa Rank | 357389 |
| VIP website status: | No |

Check progressiverecruitment.com S...

AI score 6.2
Exploits: 0
FreeBSD
added 2016/06/16 12:0 a.m., 60 views

payara -- Multiple vulnerabilities

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution. Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability...

CVSS 9.8, AI score 2.9, EPSS 0.34731
Exploits: 0, References: 6
Openbugbounty
added 2015/10/29 4:52 a.m., 12 views

johnsoncontrols.no XSS vulnerability

Vulnerable URL: http://www.johnsoncontrols.no/content/no/no/search.html?q=%22%3E%3Cscript%3Ealert%28%22XSSPOSED%22%29%3C%2Fscript%3E

Details:

| Description | Value |
|---|---|
| Patched: | Yes, at 30.01.2016 |
| Latest check for patch: | 30.01.2016 23:25 GMT |
| Vulnerability type: | XSS |
| Vulnerability status: | ... |

AI score 6.3
Exploits: 0
Openbugbounty
added 2015/07/31 10:21 p.m., 7 views

community.appnext.com XSS vulnerability

Vulnerable URL: http://community.appnext.com/outgoing?url=%3Csvg%20onload=confirm%28/XSSPOSED/%29%3E

Details:

| Description | Value |
|---|---|
| Patched: | Yes, at 07.04.2016 |
| Latest check for patch: | 07.04.2016 02:22 GMT |
| Vulnerability type: | XSS |
| Vulnerability status: | Publicly disclosed |
| Alexa Rank | Unknow... |

AI score 6.3
Exploits: 0