21 matches found

EUVD
added 2026/05/11 12:31 a.m., 16 views

EUVD-2026-29003

A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been published and...

CVSS 5.3, AI score 5.3, EPSS 0.00372
Exploits 1, References 6

RedhatCVE
added 2026/01/23 3:22 p.m., 5 views

CVE-2025-67683

Quick.Cart is vulnerable to reflected XSS via the sSort parameter. An attacker can craft a malicious URL which, when opened, results in arbitrary JavaScript execution in the victim’s browser. The vendor was notified early about this vulnerability, but didn't respond with the details of...

CVSS 6.1, AI score 5.8, EPSS 0.00253
Exploits 0, References 1

Tenable Nessus
added 2026/01/20 12:00 a.m., 9 views

MiracleLinux 7 : tomcat-7.0.76-11.el7 (AXSA:2020-4508:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4508:01 advisory. tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938). Tenable has extracted the preceding description block directly from the MiracleLinu...

CVSS 9.8, AI score 7.7, EPSS 0.9927
Exploits 45, References 2

CNNVD
added 2024/05/07 12:00 a.m., 4 views

Desdev DedeCMS Cross-Site Request Forgery Vulnerability

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open source content management system (CMS) from China's Desdev Network Desdev. The system has content publishing, content management, content editing and content retrieval functions. A cross-site request forgery vulnerability...

CVSS 5, AI score 5, EPSS 0.0042
Exploits 1, References 5

CNNVD
added 2024/03/13 12:00 a.m., 4 views

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system (CMS) of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

CVSS 6.3, AI score 6.8, EPSS 0.00233
Exploits 1, References 2

OSV
added 2023/11/06 6:15 p.m., 8 views

AZL-31941 CVE-2023-46728 affecting package squid 5.7-5

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggeri...

CVSS 7.5, AI score 7, EPSS 0.05955
Exploits 0, References 1

CNNVD
added 2023/08/27 12:00 a.m., 4 views

IBM InfoSphere Information Server Security Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. A CSV injection vulnerability exists in IBM InfoSphere Information Server version 11.7, which...

CVSS 8.8, AI score 7.4, EPSS 0.00564
Exploits 0, References 4

ATTACKERKB
added 2023/03/06 9:15 p.m., 3 views

CVE-2023-24736

PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaureact.php...

CVSS 9.8, AI score 6.4, EPSS 0.0161
Exploits 1, References 2

SUSE CVE
added 2023/02/15 5:25 a.m., 6 views

SUSE CVE-2014-8150

CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL...

CVSS 4.3, AI score 7.5, EPSS 0.0681
Exploits 0, References 22

SUSE CVE
added 2023/02/15 5:20 a.m., 2 views

SUSE CVE-2015-2750

Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence...

CVSS 6.1, AI score 6.1, EPSS 0.01376
Exploits 0, References 3

ATTACKERKB
added 2022/07/17 9:15 p.m., 1 view

CVE-2022-27929

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP...

CVSS 7.5, AI score 7.1, EPSS 0.0101
Exploits 0, References 2

OSV
added 2021/07/26 5:15 a.m., 7 views

CVE-2021-36092

It's possible to create an email which contains a specially crafted link and it can be used to perform an XSS attack. This issue affects: OTRS AG OTRS Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior version...

CVSS 6.1, AI score 5.8, EPSS 0.00717
Exploits 0, References 1

CNVD
added 2020/09/25 12:00 a.m., 3 views

SQL Injection Vulnerability in Guojiz International Website Navigation System

Guojiz International Website Navigation System is developed by ThinkPHP5.0+PHP7.0+Mysql+Apache/Nginx/iis, which is suitable for small and medium-sized webmasters to build a CMS program. Guojiz International Website Navigation System has a SQL injection vulnerability, which can be exploited by...

AI score 7.9
Exploits 0

CNVD
added 2020/09/14 12:00 a.m., 4 views

Unspecified Vulnerability in SAP Commerce (CNVD-2020-65569)

SAP Commerce is a cloud-based e-commerce platform from Germany's SAP. This product supports sales management, marketing management, order management and operations management. A security vulnerability exists in SAP Commerce versions 6.7, 1808, 1811, 1905, and 2005, which can be exploited b...

CVSS 8.1, AI score 6.9, EPSS 0.00805
Exploits 0, References 1

OSV
added 2019/10/16 6:15 p.m., 4 views

CVE-2019-3025

Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Food and Beverage Applications. The supported version that is affected is 5.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality RES 3700. While the...

CVSS 9, AI score 5.8, EPSS 0.14457
Exploits 4, References 2

OSV
added 2018/08/29 1:29 p.m., 4 views

DEBIAN-CVE-2018-1318

Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. This affects versions Apache Traffic Server (ATS) 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrad...

CVSS 7.5, AI score 7.2, EPSS 0.07724
Exploits 0, References 1

CNVD
added 2018/06/05 12:00 a.m., 3 views

Google Chrome Omnibox Reference Policy Bypass Vulnerability

Google Chrome is a web browser developed by Google, Inc. and Omnibox is a real-time search engine. A security vulnerability exists in Omnibox in versions of Google Chrome prior to 67.0.3396.62. A remote attacker can exploit the vulnerability with the help of a specially crafted website to bypass...

CVSS 6.5, AI score 8.8, EPSS 0.0086
Exploits 0, References 1

OSV
added 2017/09/13 4:29 p.m., 5 views

UBUNTU-CVE-2015-2750

Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence...

CVSS 6.1, AI score 6.5, EPSS 0.01376
Exploits 0, References 4

CNVD
added 2017/08/08 12:00 a.m., 4 views

Drupal Access Bypass Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community. Ctools (Chaos tool suite) is one of the API modules used to improve the development experience. A security vulnerability exists in ctools in Drupal in versions 6.x-1.x prior to 6.x-1.14 a...

CVSS 7.5, AI score 8, EPSS 0.0111
Exploits 0, References 1

CNVD
added 2014/12/26 12:00 a.m., 1 view

IBM Security Access Manager Information Disclosure Vulnerability (CNVD-2014-09196)

IBM Security Access Manager software is a highly scalable user authentication, authorization and Web SSO solution for implementing security policies on a variety of Web and application resources, centralized management of online portals. An information disclosure vulnerability exists in IBM...

CVSS 5, AI score 6, EPSS 0.01369
Exploits 0, References 1