Lucene search
K

1045 matches found

OSV
OSV
added 2019/10/01 8:15 p.m.4 views

CVE-2019-15041

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere...

6.1CVSS6.4AI score0.01047EPSS
Exploits0References1
Prion
Prion
added 2019/10/01 8:15 p.m.19 views

Design/Logic Flaw

JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere...

5.8CVSS6.3AI score0.01047EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/01 7:35 p.m.109 views

CVE-2019-15041

CVE-2019-15041 affects JetBrains YouTrack. YouTrack versions before 2019.1.52545 allow unbounded URL whitelisting due to Inclusion of Functionality from an Untrusted Control Sphere. Public sources (Red Hat, CNVD, CVE listings) confirm the issue and associate the fixed build with YouTrack 2019.1.5...

6.1CVSS6.3AI score0.01047EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2019/07/30 12:0 a.m.155 views

Prima Systems FlexAir

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Prima Systems Equipment: FlexAir Vulnerabilities : OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site...

9.8CVSS9.6AI score0.31419EPSS
Exploits26References5
Kaspersky
Kaspersky
added 2019/06/28 12:0 a.m.12 views

KLA11586 Linux Kernel TCP SACK Denial of Service Vulnerability

Various vulnerabilities was found in Linux Kernel. Microsoft adresses the various effects of these vulnerabilities and provides links to more information: 1. If you are running a Linux kernel in your Azure environment, you should contact the provider of that Linux kernel to understand their...

7.3AI score
Exploits0References6
CNVD
CNVD
added 2019/05/06 12:0 a.m.2 views

IBM InfoSphere Information Analyzer, InfoSphere Information Governance Catalog and InfoSphere Information Server on Cloud Information Disclosure Vulnerabilities

IBM InfoSphere Information Analyzer, InfoSphere Information Governance Catalog, and InfoSphere Information Server on Cloud are products of IBM USA. An information disclosure vulnerability exists in IBM InfoSphere Information Analyzer, InfoSphere Information Governance Catalog, and InfoSphere...

4.3CVSS6.1AI score0.00994EPSS
Exploits0References1
OSV
OSV
added 2019/04/25 8:29 p.m.3 views

CVE-2018-16660

A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation...

8.8CVSS6AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2019/04/15 4:19 p.m.37 views

Cleartext Transmission of Sensitive Information, Inclusion of Functionality from Untrusted Control Sphere , and Download of Code Without Integrity Check in Eclipse hawkBit

Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected...

8.1CVSS0.3AI score0.00435EPSS
Exploits1References2Affected Software10
OSV
OSV
added 2019/04/15 4:19 p.m.30 views

GHSA-JWQM-C9F2-2CQ3 Cleartext Transmission of Sensitive Information, Inclusion of Functionality from Untrusted Control Sphere , and Download of Code Without Integrity Check in Eclipse hawkBit

Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected...

8.1CVSS8.1AI score0.00435EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2019/01/21 12:0 a.m.48 views

Joomla Akeeba Backup 6.3.3 Database Disclosure

Exploit Title : Joomla Akeeba Backup Components 6.3.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 19/01/2019 Vendor Homepage : akeebabackup.com Software Information Link : extensions.joomla.org/extension/akeeba-backup/ Software Download...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/01/17 12:0 a.m.50 views

Joomla ZHYandexMap 8.0.0.2 Database Disclosure

Exploit Title : Joomla ZHYandexMap Components 8.0.0.2 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 18/01/2019 Vendor Homepage : joomla.org Software Information Link : extensions.joomla.org/extension/zh-yandexmap/ Software Download Link :...

7.4AI score
Exploits0
OSV
OSV
added 2019/01/10 10:29 p.m.5 views

CVE-2018-5403

Imperva SecureSphere gateway GW running v13, for both pre-First Time Login or post-First Time Login FTL, if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface...

8.1CVSS5.8AI score0.02413EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2018/12/06 12:0 a.m.38 views

WordPress Orbis 1.3.3 Database Disclosure

Exploit Title : WordPress Orbis Plugins 1.3.3 Pronamic Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : pronamic.eu wordpress.org/plugins/orbis/ Software Download Link :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/06 12:0 a.m.57 views

WordPress Search-Engine 0.5.9 Database Disclosure

Exploit Title : WordPress Search-Engine Plugins 0.5.9 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org/plugins/search-engine/ Software Download Link :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/06 12:0 a.m.174 views

WordPress newwpml 3.0 Database Disclosure

Exploit Title : WordPress newwpml Plugins 3.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 06/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version Information :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/04 12:0 a.m.55 views

WordPress jomiz-plugins-accounting 1.0 Database Disclosure

Exploit Title : WordPress jomiz-plugins-accounting Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Software Download Link : N/A Category : WebApps Explo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/04 12:0 a.m.58 views

WordPress HitAppoint 5.0.5 Database Disclosure

Exploit Title : WordPress HitAppoint Plugins 5.0.5 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wordpress.org hitappoint.com/wordpress-appointment-plugin/ Software Download Link : N/A Tested On : Windows a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/29 12:0 a.m.36 views

WordPress Events Calendar Premium 1.0 Database Disclosure

Exploit Title : WordPress events-calendar-premium Plugins 1.0 Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 30/11/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Version...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/29 12:0 a.m.57 views

WordPress WP Complete Backup 3.0.5 Database Backup Disclosure

Exploit Title : WordPress wp-complete-backup Plugins 3.0.5 Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 30/11/2018 Vendor Homepage : wordpress.org/plugins/wp-complete-backup/ Software Download Link :...

Exploits0
Packet Storm
Packet Storm
added 2018/11/29 12:0 a.m.102 views

WordPress Delme 3.0 Database Disclosure

Exploit Title : WordPress Delme Plugins 3.0 Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 28/11/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Version Information : 3.0...

7.4AI score
Exploits0
Rows per page
Query Builder