Lucene search
K

17 matches found

EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39747

Administrator SQL Injection in Popup box = 6.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.11 views

CVE-2026-45328

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-46970

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.21 through 26.00 Description An uninitialized memory disclosure exists in the UEFI capsule .scap parser. The OpenCapsule function allocates a heap buffer based on an attacker-declared CapsuleImageSize up to 1 GiB without...

7.8CVSS5.6AI score0.00277EPSS
Exploits1References33
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000853)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000853 advisory. The pagemapopen function in fs/proc/taskmmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive...

4CVSS6.8AI score0.00305EPSS
Exploits0References9
EUVD
EUVD
added 2025/11/20 9:30 p.m.6 views

EUVD-2025-198343

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes potential information disclosure and session hijacking via a stored XSS attack...

8.7CVSS8AI score0.00445EPSS
Exploits1References2
OSV
OSV
added 2025/10/23 9:31 p.m.4 views

GHSA-WVV5-5G6X-HP7J MCMS reflected cross-site scripting (XSS) vulnerability

A reflected cross-site scripting XSS vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload...

6.1CVSS6AI score0.00184EPSS
Exploits0References5
NVD
NVD
added 2025/10/23 7:15 p.m.6 views

CVE-2025-60837

A reflected cross-site scripting XSS vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload...

6.1CVSS0.00184EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.7 views

CVE-2024-25532

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the btid parameter at /include/getdict.aspx...

9.8CVSS8.4AI score0.0051EPSS
Exploits1References1
NCSC
NCSC
added 2025/03/25 8:41 a.m.6 views

Vulnerability fixed in NetApp SnapCenter

NetApp has fixed a vulnerability in SnapCenter Specifically for versions earlier than 6.0.1P1 and 6.1P1. The vulnerability is in the way SnapCenter handles authenticated users. This allows authenticated users to gain administrative access on remote systems equipped with the SnapCenter plug-in. Th...

9.9CVSS7AI score0.00645EPSS
Exploits0References1
OSV
OSV
added 2024/02/02 2:15 a.m.4 views

CVE-2023-46344

A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...

5.4CVSS5.6AI score0.00557EPSS
Exploits4References3
OSV
OSV
added 2023/05/30 8:15 a.m.4 views

CVE-2022-4676

The OSM WordPress plugin through 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.8AI score0.00444EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.4 views

WordPress Plugin 微信机器人高级版 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.8AI score0.00408EPSS
Exploits0References3
CNVD
CNVD
added 2020/04/07 12:0 a.m.3 views

apiconnect-cli-plugins Command Injection Vulnerability

apiconnect-cli-plugins is a development kit plugin for IBM API Connect. An injection vulnerability exists in apiconnect-cli-plugins version 6.0.1 and earlier. An attacker can exploit this vulnerability to execute arbitrary commands with the help of the 'pluginUri' parameter...

9.8CVSS7.8AI score0.04358EPSS
Exploits1References1
OSV
OSV
added 2017/07/06 8:29 p.m.6 views

CVE-2017-0685

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34203195...

5.5CVSS5.8AI score0.0032EPSS
Exploits0References2
OSV
OSV
added 2016/11/25 8:59 p.m.4 views

CVE-2016-0317

Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

6.5CVSS5.8AI score0.00935EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/04/03 9:19 p.m.6 views

Drools: Remote Java Code Execution in MVEL

JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a 1 MVFLEX Expression Language MVEL or 2 Drools expression...

6.5CVSS6.2AI score0.01968EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2013/01/05 12:0 a.m.12 views

PT-2013-1686

Name of the Vulnerable Software and Affected Versions JBoss Enterprise Application Platform versions prior to 6.0.1 Description The issue prevents the application of JACC permissions for Enterprise Java Beans EJB access when using role-based authorization, allowing remote attackers to obtain...

6.4CVSS5.8AI score0.02102EPSS
Exploits1References10
Rows per page
Query Builder