Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2026/03/02 11:9 a.m.3 views

CVE-2025-10350 SQL injection in CGM NETRAAD

SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9....

8.8CVSS6AI score0.00186EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/02 11:9 a.m.4 views

CVE-2025-10350

SQL Injection vulnerability in "imageserver" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9....

8.8CVSS6AI score0.00186EPSS
Exploits0References3
CVE
CVE
added 2025/12/05 8:56 p.m.19 views

CVE-2025-8148

CVE-2025-8148 concerns Fortra’s GoAnywhere MFT; all connected sources describe an improper access control in the SFTP service for versions prior to 7.9.0. Web users who have an Authentication Alias and a valid SSH key but are restricted to password authentication can still log in using their SSH ...

4.2CVSS6.5AI score0.00149EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Fortra GoAnywhere MFT 安全漏洞

Fortra GoAnywhere MFT is a file transfer software from Fortra, Inc. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.9.0, which stems from improper access control of the SFTP service, and could result in a Web user logging in with an SSH key...

4.2CVSS6.6AI score0.00149EPSS
Exploits0References2
CVE
CVE
added 2025/05/20 3:21 p.m.55 views

CVE-2025-37902

CVE-2025-37902 entry is rejected/not used and does not represent an active vulnerability.

6.5AI score
Exploits0
Amazon
Amazon
added 2024/10/02 12:0 a.m.4 views

Medium: amazon-ecr-credential-helper

Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 Affected Packages: amazon-ecr-credential-helper Note: This advisory is...

9.8CVSS7AI score0.01952EPSS
Exploits0
OSV
OSV
added 2023/01/30 11:15 p.m.5 views

CVE-2022-32519

A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. Affected Products: Data Center Expert Versions prior to V7.9.0...

9.8CVSS5.8AI score0.00472EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.5 views

npm CLI 信息泄露漏洞

npm CLI is a package manager from the US company npm. An information disclosure vulnerability exists in the npm CLI npm-packlist version v7.9.0 and v7.13.0, which stems from a runtime omission of the root-level .gitignore and .npmignore file exclusion directives...

7.5CVSS7.5AI score0.03465EPSS
Exploits0References15
OSV
OSV
added 2022/03/15 5:15 p.m.1 views

UBUNTU-CVE-2022-22771

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Server for Microsoft...

9.9CVSS7.2AI score0.02096EPSS
Exploits0References3
Elastic
Elastic
added 2020/08/18 3:16 p.m.7 views

Enterprise Search 7.9.0 security update

Enterprise Search credential exposure flaw ESA-2020-11 Elastic Enterprise Search versions before 7.9.0 contain a credential exposure flaw in the App Search interface. If a user is given the ‘developer’ role, they will be able to view the administrator API credentials. These credentials could allo...

8.8CVSS6.6AI score0.0109EPSS
Exploits0
Rows per page
Query Builder