Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/26 8:1 p.m.6 views

CVE-2026-33537

Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v SSRF via Photo::fromUrl contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user can still reach...

5.3CVSS5.8AI score0.0026EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2025/06/23 12:15 p.m.7 views

CVE-2025-23049

Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet sharing is enabled...

8.4CVSS0.01975EPSS
Exploits0References3
CNVD
CNVD
added 2020/07/02 12:0 a.m.3 views

Atlassian Confluence Server and Data Center Injection Vulnerabilities

Atlassian Confluence Server is the server version of Atlassian Australia's suite of collaboration software with enterprise knowledge management capabilities and support for building enterprise WiKi.Atlassian Confluence Data Center is the data center version of Atlassian Confluence. Atlassian...

6.5CVSS7.2AI score0.01515EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/09 12:0 a.m.2 views

Command Injection Vulnerability in SANGFOR AF

SANGFOR AF is a next-generation application firewall designed with application security needs in mind. A command injection vulnerability exists in SANGFOR AF 7.5.1 and earlier versions, which can be exploited by attackers to execute arbitrary system commands and gain root privileges...

8.3AI score
Exploits0
OSV
OSV
added 2016/06/08 2:59 p.m.4 views

CVE-2016-2020

HPE Systems Insight Manager SIM before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030...

8.1CVSS5.8AI score0.0274EPSS
Exploits0References3
Rows per page
Query Builder