Lucene search
K

23 matches found

CVE
CVE
added 2025/12/09 3:55 p.m.24 views

CVE-2025-10573

Ivanti Endpoint Manager is affected by CVE-2025-10573 (Stored XSS) in versions before 2024 SU4 SR1. The vulnerability allows an unauthenticated attacker to inject JavaScript in the administrator session via crafted device scan data, requiring user interaction to trigger the payload. Several conne...

9.6CVSS6.3AI score0.29949EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.6 views

Ivanti Endpoint Manager 数据伪造问题漏洞

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti USA. A data forgery issue vulnerability exists in versions prior to Ivanti Endpoint Manager 2024 SU4 SR1 that stems from improper cryptographic signature validation and could lead to remote code execution...

7.8CVSS7.7AI score0.00494EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/28 12:0 a.m.4 views

OneVision Workspace 安全漏洞

OneVision Workspace is a software solution for automating PDF workflows from OneVision. A security vulnerability exists in OneVision Workspace versions prior to WS23.1 SR1, which originates from allowing the execution of arbitrary Java EL expressions...

9.8CVSS6.9AI score0.00296EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2024/06/26 12:0 a.m.446 views

SolarWinds Platform 2024.1 SR1 - Race Condition

Exploit Title: SolarWinds Platform 2024.1 SR1 - Race Condition CVE: CVE-2024-28999 Affected Versions: SolarWinds Platform 2024.1 SR 1 and previous versions Author: Elhussain Fathy, AKA 0xSphinx import requests import urllib3 import asyncio import aiohttp...

7.5CVSS8.2AI score0.13913EPSS
Exploits4
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.5 views

BeyondTrust Privilege Management Security Vulnerability

BeyondTrust Privilege Management is the BeyondTrust Privilege Management tool for Windows and Mac SaaS from BeyondTrust USA. A security vulnerability exists in BeyondTrust Privilege Management Windows versions prior to 5.7 SR1, which stems from the possibility of bypassing publisher application...

8.4CVSS6.8AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2023/10/20 7:15 a.m.4 views

CVE-2023-5523

Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution...

7.8CVSS5.8AI score0.00328EPSS
Exploits0References3
OSV
OSV
added 2023/10/20 7:15 a.m.6 views

CVE-2023-2325

Stored XSS Vulnerability in M-Files Classic Web versions before 23.10 and LTS Service Release Versions before 23.2 LTS SR4 and 23.8 LTS SR1allows attacker to execute script on users browser via stored HTML document...

5.4CVSS5.9AI score0.00431EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.8 views

PT-2023-32154 · M Files · M-Files Web Companion

Name of the Vulnerable Software and Affected Versions: M-Files Web Companion versions prior to 23.10 M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1 Description: The issue is related to insufficient blacklisting in M-Files Web Companion, allowing Remote Code Execution via...

8.2CVSS7.9AI score0.00312EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/01/23 7:46 p.m.42 views

CVE-2013-1593

A Denial of Service vulnerability exists in the WRITEC function in the msgserver.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN...

7.5AI score0.02388EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.22 views

Rockwellautomation Rslinx Integer Overflow or Wraparound

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a...

7.8CVSS1.7AI score0.03855EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.19 views

Rockwellautomation Rslinx Out-of-bounds Read

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “Total Record Size” field. By sending a datagram...

7.8CVSS1.3AI score0.03855EPSS
Exploits0References2
NVD
NVD
added 2019/03/26 5:29 p.m.27 views

CVE-2013-2806

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a...

7.8CVSS7.8AI score0.03855EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/26 4:47 p.m.29 views

CVE-2013-2806

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a...

7.8AI score0.03855EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/03/22 8:5 p.m.9 views

CVE-2019-1766 Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability

A vulnerability in the web-based management interface of Session Initiation Protocol SIP Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability exists because the...

7.5CVSS7AI score0.01527EPSS
Exploits0References1
NVD
NVD
added 2017/04/24 4:59 p.m.32 views

CVE-2017-1000357

Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 Lithium-SR3, 3.4 Lithium-SR4, 4.0...

7.5CVSS7.5AI score0.01402EPSS
Exploits1References1
NVD
NVD
added 2015/07/02 9:59 p.m.22 views

CVE-2015-1916

Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider...

7.5CVSS6.1AI score0.02696EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2015/07/02 9:16 p.m.5 views

CVE-2015-1916

Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider...

6.1AI score0.02696EPSS
Exploits0References3
CERT
CERT
added 2014/07/03 12:0 a.m.29 views

Autodesk VRED contains an unauthenticated remote code execution vulnerability

Overview Autodesk VRED contains an unauthenticated remote code execution vulnerability. Description CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection': Autodesk VRED Professional 2014 contains an unauthenticated remote code execution vulnerability...

10CVSS7.9AI score0.05073EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/04/18 10:0 a.m.27 views

CVE-2012-4715

Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a UDP packet with a certain integer...

8.2AI score0.07788EPSS
Exploits0References2
NVD
NVD
added 2013/04/18 2:25 a.m.28 views

CVE-2012-4714

Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform FTSP CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service service outage or RNADiagReceiver.exe daemon crash via UDP data th...

7.8CVSS7.6AI score0.03221EPSS
Exploits0References2
Rows per page
Query Builder