Lucene search
K

67 matches found

Cvelist
Cvelist
added 2025/04/10 1:19 p.m.16 views

CVE-2023-43037 IBM Maximo Application Suite improper access control

IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform unauthorized actions due to improper input validation...

6.5CVSS0.0029EPSS
Exploits0References1
NVD
NVD
added 2025/02/13 4:16 p.m.15 views

CVE-2025-24903

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

8.5CVSS0.00171EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/09 7:51 a.m.4 views

WordPress PostLists plugin <= 2.0.2 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin PostLists versions = 2.0.2...

4.2CVSS6.4AI score0.0027EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/12/05 10:20 p.m.5 views

WordPress ABCBiz Addons and Templates for Elementor plugin <= 2.0.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin ABCBiz Addons and Templates for Elementor versions = 2.0.2...

6.5CVSS5.8AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/18 9:31 p.m.5 views

WordPress WordPress GDPR plugin <= 2.0.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by István Márton in WordPress Plugin WordPress GDPR & CCPA versions = 2.0.2...

7.2CVSS5.8AI score0.003EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/18 10:29 a.m.5 views

WordPress LGPD Framework plugin <= 2.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin LGPD Framework versions = 2.0.2...

7.1CVSS6.1AI score0.00339EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.5 views

Liferay Portal和Liferay DXP 跨站请求伪造漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...

8.8CVSS7.1AI score0.00342EPSS
Exploits0References2
Amazon
Amazon
added 2023/10/17 12:0 a.m.24 views

Important: dotnet6.0

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0...

7.5CVSS7.5AI score0.99999EPSS
Exploits19
Positive Technologies
Positive Technologies
added 2023/07/25 12:0 a.m.6 views

PT-2023-25220 · Iq Wifi 6 · Iq Wifi 6

Name of the Vulnerable Software and Affected Versions: IQ Wifi 6 versions prior to 2.0.2 Description: An unauthorized user could gain account access by conducting a brute force authentication attack. Recommendations: For IQ Wifi 6 versions prior to 2.0.2, update to version 2.0.2 or later to resol...

9.8CVSS9.5AI score0.00447EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/07/24 3:19 p.m.12 views

CVE-2023-3640 Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space

A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...

7CVSS7.3AI score0.00719EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/04/11 7:13 p.m.13 views

CVE-2023-21769 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

...

7.5CVSS7.6AI score0.91524EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.4 views

PT-2023-10236 · Little Apps · Little Apps Little Software Stats

Name of the Vulnerable Software and Affected Versions: Little Apps Little Software Stats versions prior to 0.2 Description: A critical issue was found in the Password Reset Handler component, specifically in the file inc/class.securelogin.php, leading to improper access controls. The complexity o...

9.8CVSS5AI score0.00643EPSS
Exploits0References7
OSV
OSV
added 2022/07/21 6:15 p.m.5 views

CVE-2022-33198

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin = 2.0.2 at WordPress...

5.3CVSS5.8AI score0.02654EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.31 views

HashiCorp go-getter 命令注入漏洞

HashiCorp go-getter is a library for HashiCorp's Go golang for downloading files or directories from various sources using URLs as the primary form of input. A command injection vulnerability exists in HashiCorp go-getter version 2.0.2 and prior versions, which stems from the presence of a comman...

9.8CVSS7AI score0.01525EPSS
Exploits0References24
OSV
OSV
added 2021/12/26 12:15 a.m.5 views

CVE-2021-37570

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read...

7.5CVSS5.8AI score0.01118EPSS
Exploits0References2
OSV
OSV
added 2021/12/26 12:15 a.m.4 views

CVE-2021-37569

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write...

8.8CVSS5.8AI score0.01197EPSS
Exploits0References2
OSV
OSV
added 2021/05/19 11:34 a.m.8 views

SUSE-SU-2021:1637-1 Security update for python-httplib2

This update for python-httplib2 contains the following fixes: Security fixes included in this update: - CVE-2021-21240: Fixed a regular expression denial of service via malicious header bsc1182053. - CVE-2020-11078: Fixed an issue where an attacker could change request headers and body bsc1171998...

7.5CVSS6.8AI score0.03876EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.7 views

IBM Security Guardium Insights 信息泄露漏洞

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. An information disclosure vulnerability exists in IBM Security Guardium Insights 2.0.2. A remote attacker could exploit this...

5.3CVSS6.1AI score0.01284EPSS
Exploits0References4
OSV
OSV
added 2020/05/15 7:15 p.m.3 views

DEBIAN-CVE-2020-12872

yawsconfig.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0...

5.5CVSS6.1AI score0.00389EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/04/27 12:0 a.m.5 views

PT-2020-10763 · Trustwave +1 · Opendmarc +1

Name of the Vulnerable Software and Affected Versions: OpenDMARC versions 1.3.2 and 1.4.x Description: The issue allows attacks to bypass SPF and DMARC authentication when the HELO field is inconsistent with the MAIL FROM field, specifically when OpenDMARC is used with pypolicyd-spf 2.0.2...

9.8CVSS9.4AI score0.02658EPSS
Exploits1References17
Rows per page
Query Builder