Lucene search
K

27 matches found

Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.13 views

PT-2026-48929

Name of the Vulnerable Software and Affected Versions NanaZip versions 3.0.1000.0 through 6.0.1697.0 Description A heap out-of-bounds read exists in the Android Verified Boot AVB vbmeta image parser via the upstream 7-Zip AvbHandler. An unsigned integer underflow in a bounds check allows an...

5.4CVSS5.2AI score0.0017EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.9 views

CVE-2026-44926

InfoScale CmdServer before 7.4.2 mishandles access control...

8.8CVSS5.4AI score0.00375EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 6:31 p.m.10 views

EUVD-2026-31133

InfoScale CmdServer before 7.4.2 mishandles access control...

8.8CVSS5.8AI score0.00375EPSS
Exploits0References3
NVD
NVD
added 2026/05/20 5:16 p.m.14 views

CVE-2026-44926

InfoScale CmdServer before 7.4.2 mishandles access control...

8.8CVSS0.00375EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.4 views

Oracle Linux 8 : libxml2 (ELSA-2026-11349)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11349 advisory. - Fix CVE-2025-9714 RHEL-119279 - Fix CVE-2025-32415 RHEL-100177 - Fix CVE-2025-7425 RHEL-102797 - Fix CVE-2025-6021 RHEL-96498 - Fix CVE-2025-49794 RHEL-96398...

9.1CVSS6AI score0.01067EPSS
Exploits3References2
Veeam
Veeam
added 2025/12/10 12:0 a.m.15 views

Release Information for Dell SC Series Plug-In for Veeam Backup & Replication

This plug-in leverages the Veeam Universal Storage API, which enables storage OEMs to allow Veeam Backup & Replication integration to the arrays for backup and replication jobs. Requirements Before installing Dell SC Series Plug-In v1.0.211, ensure that you are running Veeam Backup & Replication...

6.8AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-21605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited...

7.5CVSS7AI score0.00824EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 1:52 p.m.5 views

BIT-LIBPHP-2020-7059 OOB read in php_strip_tags_ex

When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...

9.1CVSS6.7AI score0.07402EPSS
Exploits1References15
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.1 views

WordPress plugin Shortcodes Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.7AI score0.00298EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.6 views

CVE-2021-32742

Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently...

9.1CVSS6.8AI score0.01199EPSS
Exploits0References1
OSV
OSV
added 2025/03/03 2:15 p.m.4 views

CVE-2025-26994

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softdiscover Zigaform – Price Calculator & Cost Estimation Form Builder Lite allows Stored XSS. This issue affects Zigaform – Price Calculator & Cost Estimation Form Builder Lite: from n/a through...

6.1CVSS5.8AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

WordPress plugin Zigaform – Form Builder Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS8.2AI score0.00303EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/18 12:0 a.m.5 views

PT-2025-6577 · WordPress · Zigaform – Price Calculator & Cost Estimation Form Builder

Name of the Vulnerable Software and Affected Versions: Zigaform – Price Calculator & Cost Estimation Form Builder Lite plugin for WordPress versions up to, and including, 7.4.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'zgfm fvar' shortcode due to...

6.4CVSS8.1AI score0.00227EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/14 12:0 a.m.2 views

Alvaria Unified IP Unified Director 安全漏洞

Alvaria Unified IP Unified Director is a multichannel unified communications platform from Alvaria, Inc. that is primarily used for contact center management and customer interaction management. A security vulnerability exists in Alvaria Unified IP Unified Director prior to version 7.4 SP2, which...

9.8CVSS7.6AI score0.00824EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 10:15 p.m.3 views

ALPINE-CVE-2024-51741

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2...

4.4CVSS6.7AI score0.00299EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.4 views

Image Access Scan2Net 安全漏洞

Image Access Scan2Net is a scanning software from Image Access Germany. A security vulnerability exists in Image Access Scan2Net versions 7.40 and earlier, 7.42 and earlier, and 7.42B and earlier, which stems from a password change feature that does not require a current or old password, which...

8.4CVSS6.8AI score0.00262EPSS
Exploits0References2
OSV
OSV
added 2024/03/14 2:15 p.m.3 views

CVE-2024-25156

A path traversal vulnerability exists in GoAnywhere MFT prior to 7.4.2 which allows attackers to circumvent endpoint-specific permission checks in the GoAnywhere Admin and Web Clients...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.7 views

PT-2023-29203 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.2 through 7.4.3.53 Liferay DXP 7.4 before update 54 Description: The issue concerns multiple stored cross-site scripting XSS vulnerabilities in the fragment components. These vulnerabilities allow remote attackers ...

9CVSS5.4AI score0.00462EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.3 views

PT-2022-25851 · Liferay · Liferay Portal

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.0.0 through 7.4.2 Description: The issue is related to an insecure default in the auth.login.prompt.enabled component, which allows attackers to enumerate usernames, site names, and pages. Recommendations: For Lifera...

5.3CVSS5.1AI score0.00427EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/09/22 12:0 a.m.4 views

Liferay Portal 路径遍历漏洞

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, and more. A security vulnerability exists in Liferay Portal...

7.5CVSS7.3AI score0.01067EPSS
Exploits0References3
Rows per page
Query Builder