Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/01 6:50 p.m.14 views

EUVD-2026-33749

Kiteworks is a private data network PDN. Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitrary JavaScript code. Upgrade Kiteworks to version 9.3.0 or later to receive a patch...

8.2CVSS5.9AI score0.00289EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/27 12:23 a.m.2 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the ApiFormUploadController function. An attacker can upload arbitrary files by manipulating the validationrule parameter to bypass all file type and extension restrictions. Note: This is only exploitable if th...

8.8CVSS6.2AI score0.00507EPSS
Exploits0References2
OSV
OSV
added 2024/01/15 10:15 a.m.8 views

UBUNTU-CVE-2023-50290

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

6.5CVSS5.7AI score0.68665EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/15 12:0 a.m.10 views

PT-2023-30141

Name of the Vulnerable Software and Affected Versions Saphira Connect versions prior to 9 Description The issue is related to an Incorrect Execution-Assigned Permissions vulnerability, which allows Privilege Escalation in Saphira Connect. Recommendations For versions prior to 9, update to version...

8.8CVSS7.3AI score0.0105EPSS
Exploits0References8
Rows per page
Query Builder