Lucene search
+L

9 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-4913

Malware in sbrugna...

7.5CVSS7.6AI score0.00934EPSS
Exploits0References3
prion
prion
added 2022/06/15 7:15 p.m.19 views

Design/Logic Flaw

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. The Key Storage converter plugin mechanism was not enabled correctly in Rundeck 4.2.0 and 4.2.1, resulting in use of the encryption layer for Key Storage possibly not working. Any credentials created...

5CVSS7.7AI score0.00634EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2022/03/18 12:0 a.m.33 views

Rapid7 Nexpose has an unspecified vulnerability (CNVD-2022-21218)

Rapid7 Nexpose is a set of vulnerability management software from Rapid7, Inc. that can use the scan results to deeply probe the network. The software supports scanning configuration environments for errors, vulnerabilities, malware, etc. Rapid7 Nexpose 6.6.129 and previous versions have a securi...

6.1CVSS3.1AI score0.0042EPSS
Exploits0References1
veracode
veracode
added 2021/12/22 3:11 a.m.18 views

Cross-site Scripting (XSS)

pimcore/pimcore is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization of text-values in the getTranslationColumnRenderer function...

9CVSS1.7AI score0.00877EPSS
Exploits1References4Affected Software1
cnvd
cnvd
added 2021/09/02 12:0 a.m.19 views

Pimcore Cross-Site Scripting Vulnerability (CNVD-2021-93906)

Pimcore is a comprehensive open source enterprise platform for master data management PIM/MDM, user experience management CMS/UX, digital asset management DAM, and e-commerce. cross-site scripting vulnerabilities exist in versions of Pimcore prior to 10.1.2. The vulnerability stems from text valu...

8CVSS2.3AI score0.00781EPSS
Exploits0References1
github
github
added 2021/09/01 6:22 p.m.37 views

Improper Neutralization of Text-Values in Object Version Preview

Text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources...

8CVSS5.1AI score0.00781EPSS
Exploits0References4Affected Software1
osv
osv
added 2021/09/01 6:22 p.m.16 views

GHSA-W6J8-JC36-X5Q9 Improper Neutralization of Text-Values in Object Version Preview

Text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources...

8CVSS6.1AI score0.00781EPSS
Exploits0References4
nvd
nvd
added 2019/08/13 3:15 p.m.20 views

CVE-2019-13419

Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked...

7.5CVSS7.6AI score0.00934EPSS
Exploits0References2
cvelist
cvelist
added 2019/08/13 2:28 p.m.27 views

CVE-2019-13419

Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked...

7.6AI score0.00934EPSS
Exploits0References2
Rows per page
Query Builder