
8 matches found

CVE
added 2025/09/22 6:24 p.m. · 8 views

CVE-2025-57947

CVE-2025-57947 is a DOM-based XSS in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin. The initial description notes improper input neutralization during web page generation. Connected docs corroborate target: Photo Gallery by Ays; affected versions listed as

CVSS 6.5 · AI score 5.9 · EPSS 0.00258
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 6:9 a.m. · 5 views

CVE-2023-25802

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.6.0 don't correctly neutralize dir/../filename sequences, such as /etc/nginx/../passwd, allowing an actor to gain information about a server. Version 6.3.6.0 has a patch for this issue...

CVSS 7.5 · AI score 6.8 · EPSS 0.01012
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 3:19 a.m. · 10 views

CVE-2023-23784

A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, and FortiWeb 6.4 all versions allows an attacker to achieve information disclosure via specially crafted web requests...

CVSS 6.5 · AI score 6.4 · EPSS 0.00558
Exploits 0 · References 1
SUSE CVE
added 2023/02/15 3:58 a.m. · 3 views

SUSE CVE-2020-12801

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice'...

CVSS 4.7 · AI score 6.8 · EPSS 0.01255
Exploits 0 · References 6
Positive Technologies
added 2023/01/03 12:0 a.m. · 6 views

PT-2023-14121 · Fortinet · Fortiweb

Name of the Vulnerable Software and Affected Versions: FortiWeb versions 6.3.6 through 6.3.20; FortiWeb versions 6.4.0 through 6.4.2; FortiWeb versions 7.0.0 through 7.0.2. Description: The issue is related to an improper neutralization of CRLF sequences in HTTP headers, also known as 'HTTP Response...

CVSS 5.4 · AI score 5.3 · EPSS 0.00463
Exploits 0 · References 5
Positive Technologies
added 2020/03/03 12:0 a.m. · 4 views

PT-2020-13124 · Grafana +4 · Grafana +4

Name of the Vulnerable Software and Affected Versions: Grafana versions 6.0.0 through 6.3.6; Grafana versions prior to 7.2.1. Description: The configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml are world readable, containing a secret key and a bind password. Recommendations: Fo...

CVSS 7.1 · AI score 6.3 · EPSS 0.09619
Exploits 3 · References 54
Positive Technologies
added 2016/10/17 12:0 a.m. · 4 views

PT-2016-7899 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.5.56 and earlier; MySQL Server versions 5.6.36 and earlier; MySQL Server versions 5.7.18 and earlier. Description: The issue allows a low privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 7.7 · AI score 6.8 · EPSS 0.04945
Exploits 11 · References 224
Microsoft Security Update
added 1976/01/01 12:0 a.m. · 3 views

2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 (KB5006364)

2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 KB5006364...

AI score 7
Exploits 0