
569 matches found

Positive Technologies
added 2022/07/20 12:0 a.m. · 3 views

PT-2022-21491 · Apple · Macos Monterey +7

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.6; iPadOS versions prior to 15.6; macOS Big Sur versions prior to 11.6.8; watchOS versions prior to 8.7; tvOS versions prior to 15.6; macOS Monterey versions prior to 12.5; macOS Catalina versions prior to Security Update...

CVSS 7.8 · AI score 6.9 · EPSS 0.00311
Exploits: 0 · References: 12

OSV
added 2022/07/13 5:15 p.m. · 5 views

CVE-2022-34358

IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230516...

CVSS 5.4 · AI score 5.4 · EPSS 0.00421
Exploits: 0 · References: 2

RedHat Linux
added 2022/04/26 5:34 p.m. · 3 views

mysql: InnoDB unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 7.1 · AI score 7.3 · EPSS 0.08216
Exploits: 0 · References: 4

CNNVD
added 2022/04/04 12:0 a.m. · 3 views

bVPN code issue vulnerability

bVPN is a VPN software from the Dutch company bVPN. A security vulnerability exists in bVPN 2.5.1 via a carefully crafted file in the waselvpnserv service path...

CVSS 7.8 · AI score 7.6 · EPSS 0.00305
Exploits: 0 · References: 4

Circl
added 2022/03/25 9:36 p.m. · 6 views

CVE-2022-25606

creationtimestamp | type | source
---|---|---
2022-03-25 21:36:56+00:00 | seen | https://t.me/cibsecurity/39573...

CVSS 5.4 · AI score 5.5 · EPSS 0.00544
Exploits: 0 · References: 1

OSV
added 2022/03/25 5:15 p.m. · 3 views

CVE-2022-25582

A stored cross-site scripting (XSS) vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field...

CVSS 5.4 · AI score 5.9 · EPSS 0.00553
Exploits: 1 · References: 1

OSV
added 2022/03/18 6:15 p.m. · 4 views

ALPINE-CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

CVSS 9.8 · AI score 7.1 · EPSS 0.03519
Exploits: 0 · References: 1

CNNVD
added 2022/03/18 12:0 a.m. · 6 views

WordPress plugin MaxGalleria cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress MaxGalleria plugin version 6.2.5 contains a cross-site scripting vulnerability. An attacker can exploit the vulnerability to execute JavaScri...

CVSS 4.8 · AI score 5.7 · EPSS 0.0054
Exploits: 0 · References: 3

OSV
added 2022/03/03 7:15 p.m. · 5 views

CVE-2022-23899

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

CVSS 9.8 · AI score 5.8 · EPSS 0.01064
Exploits: 1 · References: 1

OSV
added 2022/03/03 7:15 p.m. · 2 views

CVE-2022-23898

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

CVSS 9.8 · AI score 5.8 · EPSS 0.07734
Exploits: 1 · References: 1

CNNVD
added 2022/03/03 12:0 a.m. · 7 views

MingSoft Mcms SQL injection vulnerability

MingSoft Mcms is a complete open source J2ee system from China's MingFei MingSoft company. A security vulnerability exists in MingSoft Mcms v5.2.5 that allows an attacker to perform a SQL injection attack via the search.do parameter in the file /web/MCmsAction.java. No details of the vulnerability...

CVSS 9.8 · AI score 5.8 · EPSS 0.01064
Exploits: 1 · References: 2

ATTACKERKB
added 2022/02/18 8:15 p.m. · 6 views

CVE-2021-46063

MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module...

CVSS 9.1 · AI score 7.8 · EPSS 0.02731
Exploits: 1 · References: 2

Debian CVE
added 2022/02/04 10:32 p.m. · 3 views

CVE-2022-23580

Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, a...

CVSS 6.5 · AI score 7 · EPSS 0.00821
Exploits: 1

PyPA
added 2022/02/03 12:15 p.m. · 6 views

PYSEC-2022-76

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

CVSS 6.5 · AI score 6.9 · EPSS 0.01097
Exploits: 1 · References: 5 · Affected Software: 1

Positive Technologies
added 2022/02/03 12:0 a.m. · 4 views

PT-2022-15068 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.5.3 through 2.7.1. TensorFlow version 2.8.0 is not affected as it includes the fix. Description: The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. This issue can be...

CVSS 7.1 · AI score 6.4 · EPSS 0.00783
Exploits: 1 · References: 13

CNNVD
added 2022/01/26 12:0 a.m. · 3 views

MingSoft MCMS code issue vulnerability

MingSoft MCMS is a complete open source J2ee system from China's MingSoft. A code issue vulnerability exists in MingSoft MCMS, which stems from a file upload vulnerability in MCMS version =5.2.5. An attacker can exploit this vulnerability to execute arbitrary code remotely...

CVSS 9.8 · AI score 8.8 · EPSS 0.03111
Exploits: 1 · References: 2

OSV
added 2022/01/18 10:15 p.m. · 5 views

DEBIAN-CVE-2022-21695

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without being visible in the list of chat participants. Th...

CVSS 5.3 · AI score 5.9 · EPSS 0.00849
Exploits: 0 · References: 1

OSV
added 2022/01/18 10:15 p.m. · 2 views

UBUNTU-CVE-2022-21688

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service via an undisclosed vulnerability in the QT image parsing...

CVSS 7.5 · AI score 5.9 · EPSS 0.00787
Exploits: 0 · References: 4

CNNVD
added 2021/12/26 12:0 a.m. · 4 views

Netgear NETGEAR injection vulnerability

Netgear NETGEAR is a router from the American company Netgear. A hardware device that connects two or more networks and acts as a gateway between networks. An injection vulnerability exists in NETGEAR devices that are subject to server-side injection. The following products and versions are...

CVSS 7.8 · AI score 7.4 · EPSS 0.00335
Exploits: 0 · References: 1

PyPA
added 2021/12/08 12:15 a.m. · 5 views

PYSEC-2021-439

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths...

CVSS 7.5 · AI score 6.9 · EPSS 0.02295
Exploits: 0 · References: 5 · Affected Software: 1