Lucene search
K

9 matches found

EUVD
EUVD
added 2026/05/25 2:58 p.m.16 views

EUVD-2026-31696

Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...

6AI score0.00652EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:58 p.m.12 views

CVE-2026-42782

Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...

6AI score0.00652EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.20 views

PT-2026-43078

Name of the Vulnerable Software and Affected Versions Apache Syncope versions 3.0 through 3.0.16 Apache Syncope versions 4.0 through 4.0.5 Apache Syncope version 4.1.0 Description Improper Isolation or Compartmentalization allows an administrator with sufficient entitlements for Implementations t...

7.2CVSS6.2AI score0.00652EPSS
Exploits0References6
OSV
OSV
added 2025/07/15 3:31 p.m.3 views

GHSA-36WV-V2QP-V4G4 Apache CXF is vulnerable to DoS attacks as entire files are read into memory and logged

Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the entire temporary file is read into memory and then logged. An attacker might be able to exploit this to cause a denial of service attack by causing an out of memory...

5.6CVSS6.7AI score0.00624EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.6 views

PT-2024-2426 · Unknown · Jupyter Server Proxy

Name of the Vulnerable Software and Affected Versions: Jupyter Server Proxy versions prior to 3.2.3 Jupyter Server Proxy versions prior to 4.1.1 Description: The issue is related to the lack of proper user authentication when proxying websockets in Jupyter Server Proxy. This allows unauthenticate...

9.8CVSS8.3AI score0.01021EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2023/01/02 12:0 a.m.17 views

PT-2023-10188 · Unknown · Interchange

Name of the Vulnerable Software and Affected Versions: nterchange versions up to 4.1.0 Description: A critical issue affects the function getContent of the file app/controllers/code caller controller.php. The manipulation of the argument q with the input %5C%27%29;phpinfo%28%29;/ leads to code...

9.8CVSS6.4AI score0.0086EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.5 views

PT-2022-3224 · Smarty +2 · Smarty +2

Name of the Vulnerable Software and Affected Versions: Smarty versions prior to 3.1.45 Smarty versions 4.0.0 through 4.1.0 Description: The issue is related to incorrect code generation management in the PHP Smarty template engine, allowing a remote attacker to execute arbitrary PHP code. Templat...

9.8CVSS7.3AI score0.82316EPSS
Exploits4References64
Cvelist
Cvelist
added 2022/05/03 3:50 p.m.24 views

CVE-2022-0882 Illegal access to Kernel log in Fuchsia

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

5.3CVSS5.6AI score0.00115EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/04/06 12:0 a.m.4 views

PT-2021-4536 · Redmine · Redmine

Name of the Vulnerable Software and Affected Versions: Redmine versions 4.0.0 through 4.0.6 Redmine versions 4.1.0 through 4.1.0 Description: The issue is related to stored XSS via textile inline links, which can be exploited by a remote attacker to impact data integrity. The vulnerability is due...

9.8CVSS6AI score0.01737EPSS
Exploits0References39
Rows per page
Query Builder