Lucene search
K

69 matches found

Vulnrichment
Vulnrichment
added 2025/01/21 8:53 p.m.6 views

CVE-2025-21540

...

5.4CVSS6.9AI score0.00481EPSS
Exploits0References1
OSV
OSV
added 2024/11/27 12:15 p.m.8 views

CVE-2024-42331

In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...

3.3CVSS6.6AI score
Exploits0References2
NVD
NVD
added 2024/07/19 5:15 p.m.28 views

CVE-2024-24970

Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...

6.5CVSS0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/19 4:51 p.m.18 views

CVE-2024-29080

Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege...

7.3AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 2:15 p.m.14 views

CVE-2023-41826

A PendingIntent hijacking vulnerability in Motorola Device Help Genie application that could allow local attackers to access files or interact with non-exported software components without permission...

5.1CVSS5.1AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2024/05/01 3:15 a.m.5 views

CVE-2024-33767

lunasvg v2.3.9 was discovered to contain a segmentation violation via the component compositionsolidsource...

5CVSS7.3AI score0.00297EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2024/04/06 12:30 p.m.23 views

Xuxueli xxl-job template injection vulnerability

A vulnerability classified as problematic was found in Xuxueli xxl-job version 2.4.0. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed ...

9.8CVSS7.5AI score0.00945EPSS
Exploits1References8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/19 12:0 p.m.42 views

Security Bulletin: IBM Security Verify Governance - Identity Manager, Software component has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in IBM Security Verify Governance - Identity Manager, Software component. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

7.5CVSS7.9AI score0.99019EPSS
Exploits16Affected Software1
OSV
OSV
added 2024/02/11 9:15 p.m.3 views

CVE-2024-25417

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/addtranslation.php...

8.8CVSS7.4AI score
Exploits0References1
OSV
OSV
added 2023/12/07 8:15 p.m.6 views

CVE-2023-49462

libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc...

8.8CVSS8.7AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 11:2 p.m.24 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to spoofing when using Web Server Plug-ins

Summary IBM Security Verify Governance uses IBM WebSphere Application Server .The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

6.1CVSS6.1AI score0.00399EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 6:46 p.m.15 views

Security Bulletin: IBM Security Verify Governance, Identity Manager software component ships IBM WebSphere Application Server, which is vulnerable to cross site scripting

Summary IBM WebSphere Application Server WAS is shipped with IBM Security Verify Governance, Identity Manager software component SVGSS. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to t...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 6:32 p.m.11 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console

Summary IBM Security Verify Governance uses IBM WebSphere Application Server. The fix includes upgrading IBM WebSphere Application Server with the security patch. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.9 views

The hardware-software component of WebAdmin is vulnerable to cyber threats from Sophos SG UTM (Unified Thread Management), allowing attackers to execute arbitrary commands.

The vulnerability of the WebAdmin component in the hardware-software security system for handling network threats, Sophos SG UTM Unified Thread Management, is related to the failure to take measures to neutralize specific elements used in operating system processes. Exploiting this vulnerability...

10CVSS8.3AI score0.96693EPSS
Exploits9References6
F5 Networks
F5 Networks
added 2023/02/21 7:5 p.m.39 views

K17248: OpenSSL vulnerability CVE-2010-0742

Security Advisory Description The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or...

7.5CVSS8.3AI score0.07834EPSS
Exploits2Affected Software9
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/09 4:53 p.m.16 views

Security Bulletin: Security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager software component

Summary IBM Security Verify Governance, Identity Manager software component has addressed the following vulnerabilities Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Security...

6AI score
Exploits0Affected Software1
OSV
OSV
added 2022/08/18 5:15 a.m.12 views

CVE-2022-35166

libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal...

5.5CVSS5.6AI score
Exploits0References1
NVD
NVD
added 2022/05/18 4:15 p.m.26 views

CVE-2021-3922

A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named pipe...

7.8CVSS0.01771EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2021/11/19 8:18 p.m.31 views

Incorrect Access Control in Ignition

The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control...

9.8CVSS3.6AI score0.0167EPSS
Exploits0References5Affected Software1
hivepro
hivepro
added 2021/09/20 5:48 a.m.29 views

ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...

1AI score
Exploits0
Rows per page
Query Builder