Lucene search
+L

6 matches found

Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-52599

Name of the Vulnerable Software and Affected Versions PHP versions 8.1.0 through 8.1.33 PHP versions 8.2.0 through 8.2.29 PHP versions 8.3.0 through 8.3.28 PHP versions 8.4.0 through 8.4.15 PHP versions 8.5.0 Description When using the PDO PostgreSQL driver with PDO::ATTR EMULATE PREPARES enabled...

8.2CVSS6.6AI score0.00573EPSS
Exploits4References106
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.4 views

PT-2024-25513 · Logpoint · Logpoint

Name of the Vulnerable Software and Affected Versions: Logpoint versions prior to 7.4.0 Description: A path injection issue is present when adding a CSV enrichment source. The source name parameter can be modified to an absolute path, allowing the CSV file to be written to that path inside the /t...

5.3CVSS7.4AI score0.00487EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.8 views

PT-2024-20529 · Typo3 Cms +1 · Typo3/Cms +1

Name of the Vulnerable Software and Affected Versions: sf event mgt versions prior to 7.4.0 Description: The existing access control check for events in the backend module of sf event mgt, an event management and registration extension for the TYPO3 CMS, got broken during the update to TYPO3 12.4...

8.8CVSS5AI score0.00485EPSS
Exploits0References8
NCSC
NCSC
added 2022/04/20 12:0 a.m.10 views

Vulnerabilities fixed in Liferay

Vulnerabilities have been fixed in Liferay Portal versions 7.3.3 through through 7.4.1. The vulnerabilities allow a malicious party to perform a Cross-Site Scripting attack or unintentionally view the list of groups and sites used within the portal. Liferay has made updates available for Liferay...

5.4CVSS6.5AI score0.00731EPSS
Exploits0
Elastic
Elastic
added 2019/10/23 4:7 p.m.12 views

Elastic Stack 7.4.1 security update

Logstash Beats input denial of service flaw ESA-2019-14 A denial of service flaw was found in the Logstash beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop...

7.5CVSS6.7AI score0.0208EPSS
Exploits0
Elastic
Elastic
added 2019/10/23 4:2 p.m.14 views

Elastic Stack 6.8.4 security update

Elasticsearch username disclosure flaw ESA-2019-13 A username disclosure flaw was found in Elasticsearch’s API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm. Affected Versions The following...

7.5CVSS6.5AI score0.02429EPSS
Exploits0
Rows per page
Query Builder