Lucene search
K

30 matches found

CNNVD
CNNVD
added 2023/02/22 12:0 a.m.4 views

modoboa 跨站脚本漏洞

modoboa is an email hosting and management platform for individual developers. A cross-site scripting vulnerability exists in versions prior to modoboa 2.0.5. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

4.8CVSS4.8AI score0.00494EPSS
Exploits1References3
Circl
Circl
added 2022/12/16 6:37 p.m.4 views

CVE-2022-20503

creationtimestamp| type| source ---|---|--- 2022-12-16 18:37:40+00:00| seen| https://t.me/cibsecurity/54739...

7.8CVSS7.1AI score0.0016EPSS
Exploits0References1
Circl
Circl
added 2022/08/17 2:39 a.m.9 views

CVE-2021-42052

creationtimestamp| type| source ---|---|--- 2022-08-17 02:39:29+00:00| seen| https://t.me/cibsecurity/48268...

7.5CVSS7.4AI score0.00922EPSS
Exploits1References1
OSV
OSV
added 2022/03/04 10:15 p.m.4 views

CVE-2021-27756

"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."...

7.5CVSS5.7AI score0.00557EPSS
Exploits0References1
OSV
OSV
added 2021/09/27 3:15 p.m.4 views

CVE-2021-36878

Cross-Site Request Forgery CSRF vulnerability in WordPress uListing plugin versions = 2.0.5 makes it possible for attackers to update settings...

4.3CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2021/03/12 12:0 a.m.5 views

Sonicwall SMA100 操作系统命令注入漏洞

The SonicWall SMA100 is a secure access gateway appliance from SonicWALL USA. An operating system command injection vulnerability exists in SonicWall SMA100 version 10.2.0.5 and earlier versions, which can be exploited by an authenticated attacker to execute operating system commands on the targe...

9CVSS6AI score0.01849EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/02/02 12:0 a.m.4 views

PT-2021-11705 · Harbor · Harbor

Name of the Vulnerable Software and Affected Versions: Harbor versions 2.0 through 2.0.4 Harbor versions 2.1.x through 2.1.1 Description: The catalog's registry API is exposed on an unauthenticated path, allowing bypass of authorization. The vulnerable API endpoint is "GET /v2/ catalog/" which ca...

5.3CVSS7.6AI score0.00722EPSS
Exploits0References13
OSV
OSV
added 2019/10/17 7:15 p.m.3 views

CVE-2019-17119

Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter...

8.8CVSS7.6AI score0.01749EPSS
Exploits3References3
CNVD
CNVD
added 2017/04/26 12:0 a.m.3 views

Serendipity Cross-Site Request Forgery Vulnerability

Serendipity is scalable PHP-powered weblog engine. A cross-site request forgery vulnerability in Serendipity 2.0.5 allows attackers to install any theme via a GET request...

8.8CVSS8.5AI score0.00604EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/09/01 7:54 p.m.11 views

rsyslog: parseLegacySyslogMsg off-by-two buffer overflow

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service application exit via a long TAG in a legacy syslog message...

5CVSS6AI score0.20759EPSS
Exploits2References5
Rows per page
Query Builder