44 matches found
EUVD-2018-0472
Malware in sbrugna...
EUVD-2018-14289
Malware in sbrugna...
EUVD-2015-5829
Malware in sbrugna...
EUVD-2012-2801
Malware in sbrugna...
CVE-2024-43444 Passwords are written to Admin Log Module
Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50, OTRS 8.0.X, OTRS 2023.X...
[SECURITY] Fedora 40 Update: rust-uu_echo-0.0.23-3.fc40
echo uutils display TEXT...
Rocky Linux 8 : annobin (RLSA-2021:4593)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4593 advisory. - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via...
Rocky Linux 8 : gcc-toolset-10-annobin (RLSA-2021:4592)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4592 advisory. - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via...
F5 Networks BIG-IP : OpenSSL vulnerability (K21462542)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.0.0 / 15.0.0. It is, therefore, affected by a vulnerability as referenced in the K21462542 advisory. - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This...
Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation Vulnerability
Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...
+Message App improper handling of Unicode control characters
Overview: +Message App displays text unprocessed, even when control characters are contained, and the text is shown based on Unicode control character's specifications. Therefore, a crafted text may display misleading web links (CWE-451). Akaki Tsunoda reported this vulnerability to IPA. JPCERT/CC...
WordPress WP Contact Slider plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2021-42574
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and...
Advisory ROSA-SA-2021-1913
Software: mailman 2.1.15 OS: Cobalt 7.9 CVE-ID: CVE-2016-6893 CVE-Crit: HIGH CVE-DESC: A cross-site request forgery (CSRF) vulnerability in the user parameter page in GNU Mailman 2.1.x through 2.1.23 allows remote attackers to intercept arbitrary user authentication for requests that modify a...
Ovidentia SQL injection vulnerability
Ovidentia is an open source content management system and multi-user collaboration platform. It is written in PHP, and uses MySQL as its database. It can be simple and easy to integrate a content can be published on the WEB environment or a portal component of the company, organization,...
EulerOS 2.0 SP3 : mailman (EulerOS-SA-2021-1096)
According to the versions of the mailman package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML vi...
Medium: mailman
Issue Overview: A cross-site scripting (XSS) vulnerability has been discovered in mailman due to the hostname field not being properly validated. A malicious list owner could use this flaw to create a specially crafted list and inject client-side scripts. CVE-2018-0618 An issue was discovered in GN...
mailman: Mishandled URLs in Utils.py:GetPathPieces() allows attackers to display arbitrary text on trusted sites
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site...