Lucene search
K

139 matches found

cve
cve
added 2024/11/13 2:44 p.m.92 views

CVE-2024-49504

CVE-2024-49504 is referenced in multiple security advisories for grub2 (GRUB2) across EulerOS and Tencent/TencentOS Server ecosystems. The linked Nessus/OPENVAS entries identify that “grub2 allowed attackers with access to the grub shell to access files on the encrypted disks,” indicating a vulne...

7CVSS6.6AI score0.00325EPSS
Exploits0References1
nvd
nvd
added 2024/09/10 10:15 a.m.11 views

CVE-2024-43781

A vulnerability has been identified in SINUMERIK 828D V4 All versions V4.95 SP3, SINUMERIK 840D sl V4 All versions V4.95 SP3 in connection with using Create MyConfig CMC = V4.8 SP1 HF6, SINUMERIK ONE All versions V6.23 in connection with using Create MyConfig CMC = V6.6, SINUMERIK ONE All version...

6.8CVSS0.00155EPSS
Exploits0References1
nvd
nvd
added 2024/08/12 1:38 p.m.15 views

CVE-2023-50810

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allow persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used...

6CVSS0.00789EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/08/09 12:0 a.m.18 views

CVE-2023-50810

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allow persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used...

7.7AI score0.00789EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/07/22 9:23 a.m.13 views

CVE-2024-37219 WordPress Page Builder Sandwich plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PBN Hosting SL Page Builder Sandwich – Front-End Page Builder allows Stored XSS.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...

6.5CVSS6.8AI score0.00261EPSS
Exploits0References1
cve
cve
added 2024/07/22 9:23 a.m.50 views

CVE-2024-37219

CVE-2024-37219 refers to a stored XSS in Page Builder Sandwich – Front-End Page Builder for WordPress, affecting versions n/a through 5.1.0. Root cause: improper neutralization of input during web page generation. Impact stated as Stored XSS; exploitation details are not provided in the sources. ...

6.5CVSS6.5AI score0.00261EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/07/22 9:23 a.m.18 views

CVE-2024-37219 WordPress Page Builder Sandwich plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PBN Hosting SL Page Builder Sandwich – Front-End Page Builder allows Stored XSS.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...

6.5CVSS0.00261EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/04/30 12:0 a.m.2 views

PT-2024-40727 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A crash issue has been identified, characterized as an UNKNOWN READ. The crash state involves functions such as H5SL release common, H5SL close common, and H5SL destroy. Recommendations: At th...

7AI score
Exploits0References2
openbugbounty
openbugbounty
added 2024/04/26 2:50 p.m.8 views

sl-gakkou.com Cross Site Scripting vulnerability OBB-3922104

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
cvelist
cvelist
added 2024/04/03 12:20 p.m.29 views

CVE-2024-24707 WordPress Cwicly plugin <= 1.4.0.2 - Auth. Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Cwicly Builder, SL. Cwicly allows Code Injection.This issue affects Cwicly: from n/a through 1.4.0.2...

9.9CVSS9.8AI score0.00748EPSS
Exploits0References2
redhat
redhat
added 2024/03/19 5:43 p.m.2 views

kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...

7.1CVSS6.6AI score0.00275EPSS
Exploits0References5
redhat
redhat
added 2024/02/20 12:31 p.m.2 views

kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...

7.1CVSS6.7AI score0.00275EPSS
Exploits0References5
osv
osv
added 2024/01/19 2:15 p.m.6 views

CVE-2023-51946

Multiple reflected cross-site scripting XSS vulnerabilities in nasSvr.php in actidata actiNAS-SL-2U-8 3.2.03-SP1 allow remote attackers to inject arbitrary web script or HTML...

6.1CVSS5.8AI score0.00446EPSS
Exploits1References3
nvd
nvd
added 2024/01/19 2:15 p.m.30 views

CVE-2023-51946

Multiple reflected cross-site scripting XSS vulnerabilities in nasSvr.php in actidata actiNAS-SL-2U-8 3.2.03-SP1 allow remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00446EPSS
Exploits1References2
nvd
nvd
added 2024/01/19 2:15 p.m.21 views

CVE-2023-51947

Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication...

9.1CVSS9.1AI score0.00745EPSS
Exploits2References2
prion
prion
added 2024/01/19 2:15 p.m.19 views

Improper access control

Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication...

6.4CVSS7.2AI score0.00745EPSS
Exploits2References3Affected Software1
vulnrichment
vulnrichment
added 2024/01/19 12:0 a.m.4 views

CVE-2023-51948

A Site-wide directory listing vulnerability in /fm in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to list the files hosted by the web application...

7.5AI score0.00714EPSS
Exploits2References2
cve
cve
added 2024/01/19 12:0 a.m.42 views

CVE-2023-51946

CVE-2023-51946 concerns actidata actiNAS-SL-2U-8 (version 3.2.03-SP1). Multiple reflected XSS vulnerabilities exist in nasSvr.php, enabling remote attackers to inject arbitrary web script or HTML. Connected sources (Red Hat, NVD, CNNVD, CVE listing) confirm the vulnerability description but do no...

6.1CVSS6AI score0.00446EPSS
Exploits1References2Affected Software1
cve
cve
added 2024/01/19 12:0 a.m.44 views

CVE-2023-51947

The CVE-2023-51947 issue affects actidata actiNAS SL 2U-8 RDX (firmware 3.2.03-SP1). It stems from improper access control in nasSvr.php, enabling remote attackers to read and modify data without authentication. According to sources, the vulnerability is critical (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:...

9.1CVSS9AI score0.00745EPSS
Exploits2References2Affected Software1
cvelist
cvelist
added 2024/01/19 12:0 a.m.31 views

CVE-2023-51947

Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication...

9.3AI score0.00745EPSS
Exploits2References2
Rows per page
Query Builder