Lucene search
K

37 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-48286

Adobe Campaign Classic ACC versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00712EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-48286

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could permit arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the impact is limited to the use...

10CVSS6.4AI score0.00712EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 8:59 p.m.23 views

CVE-2026-47938

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-47938) that could lead to arbitrary code execution in the context of the current user without user interaction. CVSSv3.1 base score 10.0 (CRITICAL), vect...

10CVSS5.5AI score0.00449EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:59 p.m.32 views

CVE-2026-48303

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could allow arbitrary code execution in the context of the current user. Exploitation does not require user interaction; the CVSS 3.1 vector is AV:N/AC:L/PR:N...

10CVSS6.2AI score0.00553EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 8:59 p.m.8 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS6.2AI score0.00553EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:59 p.m.38 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00553EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48278

Name of the Vulnerable Software and Affected Versions Adobe Campaign Classic ACC versions prior to 7.4.3 build 9395 Description An incorrect authorization issue exists that could allow arbitrary code execution in the context of the current user. This flaw can be exploited without requiring any us...

10CVSS6.2AI score0.00553EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006184 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited grow...

7.5CVSS7.3AI score0.00824EPSS
Exploits0References4
NVD
NVD
added 2026/02/18 10:16 a.m.5 views

CVE-2025-11185

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cmplz-accept-link shortcode in all versions up to, and including, 7.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00245EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/18 9:25 a.m.7 views

CVE-2025-11185

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cmplz-accept-link shortcode in all versions up to, and including, 7.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.7AI score0.00245EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.5 views

PT-2026-20375

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cmplz-accept-link shortcode in all versions up to, and including, 7.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.7AI score0.00245EPSS
Exploits0References4
OSV
OSV
added 2025/12/12 12:21 p.m.3 views

OESA-2025-2841 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.9CVSS8.1AI score0.86767EPSS
Exploits19References8
OSV
OSV
added 2025/12/12 12:21 p.m.3 views

OESA-2025-2840 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.9CVSS8.1AI score0.86767EPSS
Exploits19References8
OSV
OSV
added 2025/12/12 12:21 p.m.6 views

OESA-2025-2839 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.9CVSS8.1AI score0.86767EPSS
Exploits19References8
OSV
OSV
added 2025/12/12 12:20 p.m.4 views

OESA-2025-2837 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.9CVSS8.1AI score0.86767EPSS
Exploits19References8
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.3 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.3CVSS6.4AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2025/09/09 9:30 p.m.3 views

GHSA-X5FW-8XGX-Q6C9 Liferay Portal is vulnerable to XSS attack through its search bar portlet

A reflected cross-site scripting XSS vulnerability in Liferay Portal 7.4.3.110 through 7.4.3.128, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.12 allows remote attackers to inject arbitrary web script or HTML via the URL in search bar...

5.3CVSS5.4AI score0.00216EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.4 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.5CVSS6.6AI score0.00355EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-21605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited...

7.5CVSS7AI score0.00824EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.8 views

Wing FTP Server 安全漏洞

Wing FTP Server is the Wing FTP Server open source suite of cross-platform FTP server software. A security vulnerability exists in Wing FTP Server version 7.4.3 and earlier versions. An attacker can exploit the vulnerability to remotely execute code...

10CVSS9.2AI score0.95343EPSS
Exploits23References6
Rows per page
Query Builder