Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.6 views

PT-2024-36252 · Unknown · Vimeography

Name of the Vulnerable Software and Affected Versions: Vimeography versions prior to 2.4.4 Vimeography version 2.4.4 Description: The issue is related to the generation of error messages that contain sensitive information, allowing the retrieval of embedded sensitive data. Recommendations: For...

5.3CVSS7.1AI score0.00553EPSS
Exploits0References3
Snyk
Snyk
added 2024/10/10 12:31 p.m.4 views

Improper Input Validation

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Input Validation through the PHP filter chain. An attacker with administrative privileges can read files from the system outside of the intended directories and...

7.6CVSS6.9AI score0.00852EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.6 views

PT-2024-19279 · Nextcloud · Nextcloud Global Site Selector

Name of the Vulnerable Software and Affected Versions: Nextcloud Global Site Selector versions prior to 1.4.1 Nextcloud Global Site Selector versions prior to 2.1.2 Nextcloud Global Site Selector versions prior to 2.3.4 Nextcloud Global Site Selector versions prior to 2.4.5 Description: The...

9.8CVSS9.4AI score0.00755EPSS
Exploits0References8
Snyk
Snyk
added 2023/06/15 9:30 p.m.4 views

Improper Neutralization of Special Elements Used in a Template Engine

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine due to the improper neutralization of special elements used in a template engine. An attacker can...

9.4CVSS7.8AI score0.01223EPSS
Exploits0References2
Snyk
Snyk
added 2023/06/15 9:30 p.m.3 views

Missing Support for Integrity Check

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Missing Support for Integrity Check due to improper handling of authorization checks. An attacker can bypass security features and access restricted functionalities without...

6.9CVSS7AI score0.00566EPSS
Exploits0References2
Rows per page
Query Builder