Lucene search
K

16 matches found

CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

cPanel 注入漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability known as “injection attack,” which stems from improper cleaning of the status query parameters in the...

8.3CVSS5.9AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/19 3:31 p.m.5 views

EUVD-2025-204539

Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest method in UserServiceController.java allows any authenticated user to query the online status, device information, an...

6.5CVSS6.2AI score0.0028EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/19 12:0 a.m.29 views

CVE-2025-66911

Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest method in UserServiceController.java allows any authenticated user to query the online status, device information, an...

0.0028EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.6 views

turms 安全漏洞

turms is an instant messaging engine from turms-im open source. A security vulnerability exists in turms v0.10.0-SNAPSHOT and prior versions, which stems from improper access control in the user online status query function and could lead to information disclosure...

6.5CVSS6.4AI score0.0028EPSS
Exploits1References4
CVE
CVE
added 2025/12/19 12:0 a.m.12 views

CVE-2025-66911

Turms IM Server prior to 0.10.0-SNAPSHOT is affected by a broken access control vulnerability in the user online status query function. The handleQueryUserOnlineStatusesRequest() in UserServiceController.java lets any authenticated user query the online status, device information, and login times...

6.5CVSS6.4AI score0.0028EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/12/19 12:0 a.m.6 views

CVE-2025-66911

Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest method in UserServiceController.java allows any authenticated user to query the online status, device information, an...

6.5CVSS6.6AI score0.0028EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/05/05 12:0 a.m.4 views

Device Status Query Detected (Critical)

A status query has been sent to the device, which might indicate a reconnaissance activity. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503185...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/05 12:0 a.m.1 views

Device Status Query Detected (Medium)

A status query has been sent to the device, which might indicate a reconnaissance activity. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503183...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/05 12:0 a.m.4 views

Device Status Query Detected (Low)

A status query has been sent to the device, which might indicate a reconnaissance activity. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503182...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/05 12:0 a.m.1 views

Device Status Query Detected (High)

A status query has been sent to the device, which might indicate a reconnaissance activity. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503184...

5.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/06/07 9:15 p.m.2 views

CVE-2023-31114

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application...

9.1CVSS5.9AI score0.0056EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/16 12:15 p.m.32 views

Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing and port status query (CVE-2022-22475 CVE-2022-22393)

Summary IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing by an authenticated user and the ability to obtain the status of application server ports as described in the vulnerability details section. IBM i has addressed the CVEs by providing fixes to IBM WebSphe...

6.5CVSS1.7AI score0.00693EPSS
Exploits0Affected Software4
RedHat Linux
RedHat Linux
added 2020/07/21 11:24 a.m.10 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1CVSS7.4AI score0.01218EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.21 views

Ventrilo Server Malformed Status Query Remote DoS

The remote Ventrilo service can be disabled remotely. Description : A malicious user can crash the remote version of Ventrilo due to a vulnerability in the way the server handles malformed status queries. OpenVAS Vulnerability Test $Id: ventrilodos.nasl 6053 2017-05-01 09:02:51Z teissa $...

5CVSS6.6AI score0.07793EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.16 views

Ventrilo Server Malformed Status Query Remote DoS

The remote Ventrilo service can be disabled remotely. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.9AI score0.07793EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/09/19 12:0 a.m.37 views

Ventrilo Server Malformed Status Query Remote DoS

A malicious user can crash the remote version of Ventrilo due to a vulnerability in the way the server handles malformed status queries. Josh Zlatin-Amishav and Boaz Shatz GPLv2 include"compat.inc"; ifdescription scriptid19757; scriptversion "1.17"; scriptcveid"CVE-2005-2719"; scriptbugtraqid1464...

5CVSS5.5AI score0.07793EPSS
Exploits1References2
Rows per page
Query Builder