Lucene search
+L

41 matches found

OSV
OSV
added 2025/05/08 12:15 p.m.4 views

UBUNTU-CVE-2025-3506

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

6.3CVSS5.8AI score0.00275EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 12:34 p.m.9 views

CLSA-2025-1742474086 bind: Fix of CVE-2022-3094

CVE-2022-3094: fix resources exhaustion issue caused by flood of dynamic DNS updates...

7.5CVSS7.1AI score0.13108EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.9 views

Aim allows denial of service due to no timeouts for some tracking server endpoints

In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait indefinitely for a response. This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. The issue...

7.5CVSS6.9AI score0.00446EPSS
Exploits1References4Affected Software1
Rosalinux
Rosalinux
added 2025/02/15 10:9 p.m.14 views

Advisory ROSA-SA-2025-2689

Software: scipy 1.0.0 OS: ROSA Virtualization 3.0 packageevrstring: scipy-1.0.0-21.0.2 CVE-ID: CVE-2023-29824 BDU-ID: 2024-07432 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PyFindObjects function of the PyFindObjects library for the open source Python programming language scipy is relat...

9.8CVSS9.5AI score0.01334EPSS
Exploits1
Patchstack
Patchstack
added 2024/11/04 9:2 a.m.5 views

WordPress WP Visual Adverts plugin <= 2.3.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin WP Visual Adverts versions = 2.3.0...

7.1CVSS6.1AI score0.00259EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/09/25 12:0 a.m.7 views

Docker Desktop Security Vulnerabilities

Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

8.8CVSS6.7AI score0.00225EPSS
Exploits0References2
OSV
OSV
added 2023/08/08 10:15 a.m.7 views

CVE-2023-38679

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0002. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. Thi...

7.8CVSS7.4AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2023/07/11 8:15 a.m.4 views

CVE-2023-35781

Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...

8.8CVSS7.3AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2023/06/02 1:15 p.m.5 views

CVE-2023-3058

A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the publi...

5.4CVSS3.7AI score0.00564EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.22 views

PT-2022-26953 · Siemens · Simcenter Star-Ccm+

Name of the Vulnerable Software and Affected Versions: Simcenter STAR-CCM+ versions prior to V2306 Description: A vulnerability has been identified in the affected application, where it improperly assigns file permissions to installation folders. This could allow a local attacker with an...

7.8CVSS7.5AI score0.00206EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/10 12:0 a.m.6 views

WordPress plugin WP 2FA 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...

5.9CVSS6AI score0.00747EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/15 10:15 p.m.3 views

CVE-2022-30155

Windows Kernel Denial of Service Vulnerability...

7.1CVSS6.7AI score0.04719EPSS
Exploits0References4Affected Software25
Circl
Circl
added 2022/06/08 6:32 p.m.6 views

CVE-2022-30922

creationtimestamp| type| source ---|---|--- 2022-06-08 18:32:46+00:00| seen| https://t.me/cibsecurity/44040...

10CVSS8.7AI score0.01542EPSS
Exploits1References1
Circl
Circl
added 2022/05/17 10:27 p.m.4 views

CVE-2022-30688

creationtimestamp| type| source ---|---|--- 2022-05-17 22:27:47+00:00| seen| https://t.me/cibsecurity/42852...

7.8CVSS7.4AI score0.0041EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/05/13 3:15 p.m.3 views

CVE-2022-30412

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/updatestatus.php?id=...

7.2CVSS7.2AI score0.00929EPSS
Exploits1References2
OSV
OSV
added 2022/04/27 9:15 p.m.3 views

DEBIAN-CVE-2022-24891

ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the antisamy-esapi.xml configurati...

6.1CVSS6AI score0.01688EPSS
Exploits1References1
OSV
OSV
added 2021/10/19 1:15 p.m.6 views

CVE-2021-38478

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device...

9.1CVSS5.8AI score0.01091EPSS
Exploits0References1
OSV
OSV
added 2021/07/06 3:15 p.m.5 views

DEBIAN-CVE-2021-32740

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciously crafted templat...

7.5CVSS7.3AI score0.02199EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2020/09/25 6:28 p.m.6 views

deep-floorplan (=0.0.0) potentially affected by CVE-2020-15195 via tensorflow-gpu (=2.3.0)

tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15195 Source advisory: OSV:GHSA-63XM-RX5P-XVQR...

8.8CVSS7.2AI score0.00938EPSS
Exploits1
OSV
OSV
added 2020/04/14 11:15 p.m.9 views

AZL-44928 CVE-2020-11760 affecting package OpenEXR 2.3.0-6

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp...

5.5CVSS6.7AI score0.01807EPSS
Exploits1References1
Rows per page
Query Builder