Lucene search
+L

51 matches found

RedhatCVE
RedhatCVE
added 2025/06/01 2:47 p.m.9 views

CVE-2025-4992

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2025/05/30 3:15 p.m.8 views

CVE-2025-4992

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS0.00266EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/30 2:15 p.m.3 views

CVE-2025-4992 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.2AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/30 2:15 p.m.13 views

CVE-2025-4992 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.3 views

Dassault Systèmes Service Process Engineer 跨站脚本漏洞

Dassault Systèmes Service Process Engineer is a service process engineer from Dassault Systèmes France. A cross-site scripting vulnerability exists in Dassault Systèmes Service Process Engineer 3DEXPERIENCE R2024x through 3DEXPERIENCE R2025x versions, which originates from stored cross-site...

8.7CVSS6.2AI score0.00266EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/30 12:0 a.m.6 views

PT-2025-23305 · Unknown · Service Process Engineer

Name of the Vulnerable Software and Affected Versions: Service Process Engineer versions 3DEXPERIENCE R2024x through 3DEXPERIENCE R2025x Description: A stored Cross-site Scripting XSS issue affects Service Items Management in Service Process Engineer, allowing an attacker to execute arbitrary...

8.7CVSS5.5AI score0.00266EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.5 views

EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2025-1424)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped...

7.1CVSS6.8AI score0.00606EPSS
Exploits0References2
OSV
OSV
added 2024/10/22 7:15 a.m.4 views

CVE-2024-9627

The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'serviceprocess' function in all versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to view the Telegram Bot...

7.3CVSS5.8AI score0.00351EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.3 views

WordPress plugin TeploBot - Telegram Bot for WP 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

8.6CVSS6.2AI score0.00351EPSS
Exploits0References3
NVD
NVD
added 2021/04/22 8:15 p.m.33 views

CVE-2021-0263

A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...

5.9CVSS0.00915EPSS
Exploits0References2
OSV
OSV
added 2021/04/22 8:15 p.m.5 views

CVE-2021-0263

A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...

5.9CVSS6.2AI score0.00915EPSS
Exploits0References2
Prion
Prion
added 2021/04/22 8:15 p.m.27 views

Command injection

A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...

4.3CVSS5.8AI score0.00915EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/04/22 7:37 p.m.29 views

CVE-2021-0263 Junos OS: PTX Series: Denial of Service in packet processing due to heavy route churn when J-Flow sampling is enabled

A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...

5.9CVSS6AI score0.00915EPSS
Exploits0References2
CVE
CVE
added 2021/04/22 7:37 p.m.75 views

CVE-2021-0263

Summary: CVE-2021-0263 describes a DoS in Juniper Junos OS PTX Series caused by heavy J-Flow sampling churn in the Multi-Service process (multi-svcs) on the FPC, which can stall the KRT queue and halt updates, impacting traffic forwarding. Affected component is the Multi-Service process running o...

5.9CVSS5.8AI score0.00915EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/04/08 4:15 a.m.2 views

CVE-2021-1414

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. These...

6.3CVSS6.9AI score0.01863EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2019/11/04 8:24 p.m.35 views

CVE-2017-5332

The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

7.8CVSS6.9AI score0.02112EPSS
Exploits0
Prion
Prion
added 2019/10/28 3:15 p.m.21 views

Design/Logic Flaw

In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll...

7.5CVSS9.5AI score0.01617EPSS
Exploits1References1Affected Software3
OSV
OSV
added 2019/08/20 2:15 p.m.7 views

CVE-2019-14684

A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14687...

7.8CVSS7.2AI score0.01461EPSS
Exploits1References2
CNVD
CNVD
added 2018/12/19 12:0 a.m.4 views

Linux kernel NFS41+ subsystem memory misreference vulnerability

The Linux kernel is the kernel used by Linux, an open source operating system released by the Linux Foundation in the U.S. The NFS41+ subsystem is one of the file subsystems. A memory misreference vulnerability exists in the 'make bcsvcprocess' function of the NFS41+ subsystem in the Linux kernel...

8CVSS6.9AI score0.01455EPSS
Exploits0References1
OSV
OSV
added 2017/05/23 1:38 p.m.10 views

SUSE-SU-2017:1379-1 Security update for libplist

This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data bsc1019531. - CVE-2017-5545: T...

9.1CVSS6.7AI score0.03799EPSS
Exploits1References15
Rows per page
Query Builder