Lucene search
K

12646 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:36 p.m.7 views

CVE-2022-27134

EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the transfer function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the std::string memo parameter...

7.5CVSS7AI score0.0201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.15 views

CVE-2022-25221

Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code...

6.1CVSS7.1AI score0.00691EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.14 views

CVE-2022-25222

Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/managebranch.php' and 'admin/maintenance/managefee.php' via the 'id' parameter...

9.8CVSS7.6AI score0.01615EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.7 views

CVE-2022-29739

Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manageuser=...

9.8CVSS8.1AI score0.01068EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:46 p.m.5 views

CVE-2022-45526

SQL Injection vulnerability in Future-Depth Institutional Management Website IMS 1.0, allows attackers to execute arbitrary commands via the ad parameter to /adminarea/logintransfer.php...

9.8CVSS8.8AI score0.00953EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:3 p.m.3 views

CVE-2021-2206

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: Quotes. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade...

8.2CVSS6.5AI score0.00933EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:0 p.m.6 views

CVE-2021-20587

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions...

9.8CVSS9.1AI score0.03663EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.5 views

CVE-2021-37614

In certain Progress MOVEit Transfer versions before 2021.0.3 aka 13.0.3, SQL injection in the MOVEit Transfer web application could allow an authenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

8.8CVSS7.3AI score0.01496EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:51 p.m.4 views

CVE-2021-31986

User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage...

6.8CVSS6.9AI score0.00779EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:51 p.m.4 views

CVE-2021-31887

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

8.8CVSS7.6AI score0.02371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.6 views

CVE-2021-22704

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer all versions prior to V6.2 SP11 , Vijeo Designer Basic all versions prior to V1.2, or EcoStruxure Machine Expert all versions prior to V2.0 that could...

9.1CVSS6.5AI score0.01282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 p.m.6 views

CVE-2021-35448

Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections...

7.8CVSS7.5AI score0.01045EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:49 p.m.7 views

CVE-2021-33894

In Progress MOVEit Transfer before 2019.0.6 11.0.6, 2019.1.x before 2019.1.5 11.1.5, 2019.2.x before 2019.2.2 11.2.2, 2020.x before 2020.0.5 12.0.5, 2020.1.x before 2020.1.4 12.1.4, and 2021.x before 2021.0.1 13.0.1, a SQL injection vulnerability exists in SILUtility.vb in MOVEit.DMZ.WebApp in th...

8.8CVSS7.5AI score0.01095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.7 views

CVE-2021-30297

Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

8.4CVSS7.2AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.8 views

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...

7.1CVSS7.4AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.10 views

CVE-2021-20793

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory...

7.8CVSS7.9AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:55 p.m.5 views

CVE-2021-46561

controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before 5c50baf3bda28133a3bc90b854765a64fb538304 allows an organizational administrator to transfer a user account to an arbitrary new organization, and thereby achieve unintended access within the context of that new...

7.2CVSS6.9AI score0.00836EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:40 p.m.16 views

CVE-2021-38159

In certain Progress MOVEit Transfer versions before 2021.0.4 aka 13.0.4, SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

9.8CVSS8.1AI score0.01891EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:20 p.m.8 views

CVE-2021-22572

On unix-like systems, the system temporary directory is shared between all users on that system. The root cause is File.createTempFile creates files in the the system temporary directory with world readable permissions. Any sensitive information written to theses files is visible to all other loc...

5.5CVSS6.3AI score0.00128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:54 p.m.5 views

CVE-2020-7659

reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as...

7.5CVSS6.8AI score0.01334EPSS
Exploits0References1
Rows per page
Query Builder