Lucene search
+L

711 matches found

CNNVD
CNNVD
added 2023/09/20 12:0 a.m.7 views

Croc Security Breach

croc is a tool from the individual developers at Zack that allows any two computers to simply and securely transfer files and folders. A security vulnerability exists in Croc version 9.6.5 and earlier versions, which originates from a sender being able to place an ANSI or CSI escape sequence in a...

7.8CVSS6.7AI score0.00339EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.5 views

croc path traversal vulnerability

croc is a tool from the individual developers at Zack that allows any two computers to simply and securely transfer files and folders. A path traversal vulnerability exists in Croc version 9.6.5 and prior versions, which originates from a sender that can cause the receiver to overwrite files duri...

5.5CVSS6.7AI score0.00368EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/08/27 12:0 a.m.14 views

PT-2023-6289 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.5.4 Description: The issue is related to a use-after-free error in the ext4 file system driver of the Linux kernel, specifically in the fs/ext4/extents status.c file, related to the ext4 es insert extent...

8.8CVSS7AI score0.09141EPSS
Exploits3References63
OSV
OSV
added 2023/06/29 2:15 a.m.5 views

CVE-2023-2982

The WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes...

9.8CVSS5.8AI score0.46242EPSS
Exploits4References5
OSV
OSV
added 2023/06/22 8:15 a.m.5 views

CVE-2023-27629

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Paul Ryley Site Reviews plugin = 6.5.1 versions...

5.4CVSS5.8AI score0.00411EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/13 11:15 a.m.4 views

CVE-2023-3218

Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5...

6.5CVSS5.8AI score0.00475EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.11 views

PT-2023-24577 · Unknown · Ciprian Popescu Youtube Playlist Player

Name of the Vulnerable Software and Affected Versions: Ciprian Popescu YouTube Playlist Player plugin versions prior to 4.6.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended...

8.8CVSS8.9AI score0.00256EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.4 views

PT-2023-4689

Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.15.14 Qt versions 6.0.x through 6.2.x before 6.2.9 Qt versions 6.3.x through 6.5.x before 6.5.1 Description The issue is related to the QtSvg QSvgFont function in the Qt framework, which can be exploited to bypass...

7.8CVSS6.6AI score0.00877EPSS
Exploits0References100
Positive Technologies
Positive Technologies
added 2023/04/17 12:0 a.m.9 views

PT-2023-17411

Name of the Vulnerable Software and Affected Versions Shopware 6 versions 6.4.20.0 through 6.4.20.0 Shopware 6 versions 6.5.0.0-rc1 through 6.5.0.0-rc4 Description The issue allows remote attackers with access to a Twig environment without the Sandbox extension to bypass validation checks and...

8.8CVSS7.3AI score0.02083EPSS
Exploits1References15
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.9 views

PowerDNS Recursor 安全漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor. An attacker has exploited the vulnerability to cause a denial of service on the system. The following versions are affected: 4.6.5 and earlier,...

5.3CVSS5.6AI score0.00593EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/03/30 1:44 a.m.5 views

SUSE CVE-2023-26437

Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3...

5.3CVSS7AI score0.00593EPSS
Exploits0References5
OSV
OSV
added 2023/03/22 5:15 p.m.4 views

CVE-2023-22253

Experience Manager versions 6.5.15.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS6AI score0.0048EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.5 views

SUSE CVE-2007-3207

Buffer overflow in the NFS mount daemon XNFS.NLM in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service abend via a long path in a mount request...

7.1CVSS7.1AI score0.02184EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.6 views

SUSE CVE-2012-4166

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4165. Reason: This candidate is a duplicate of CVE-2012-4165. Notes: All CVE users should reference CVE-2012-4165 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

6.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.4 views

SUSE CVE-2018-1000845

DO NOT USE THIS CANDIDATE NUMBER. ConsultID: CVE-2017-6519. Reason: This candidate is a duplicate of CVE-2017-6519. Notes: All CVE users should reference CVE-2017-6519 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

5.3CVSS7AI score
Exploits0References8
OSV
OSV
added 2022/12/19 8:15 p.m.3 views

CVE-2022-44470

Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.0048EPSS
Exploits0References1
OSV
OSV
added 2022/12/19 8:15 p.m.5 views

CVE-2022-44471

Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.0048EPSS
Exploits0References1
OSV
OSV
added 2022/12/16 4:15 p.m.5 views

CVE-2022-42367

Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.00708EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.4 views

PT-2022-6000 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.14 and earlier Description: The issue exists due to inadequate protection of the web page structure in Adobe Experience Manager, allowing a remote attacker to perform cross-site scripting attacks using a...

5.5CVSS5.3AI score0.00708EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/12/09 12:0 a.m.7 views

PT-2022-27313 · Interspire · Interspire Email Marketer

Name of the Vulnerable Software and Affected Versions: Interspire Email Marketer versions 6.5.1 and earlier Description: The issue allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the...

7.5CVSS7.7AI score0.006EPSS
Exploits0References3
Rows per page
Query Builder