CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-4142

Malware in sbrugna...

4CVSS6.1AI score0.00183EPSS

Exploits1References5

Tenable Nessus•added 2024/12/02 12:0 a.m.•13 views

FreeBSD : zabbix -- SQL injection in user.get API (f0d33375-b0e0-11ef-a724-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f0d33375-b0e0-11ef-a724-b42e991fc52e advisory. [email protected] reports: A non-admin user account on the Zabbix frontend with the default User role...

9.9CVSS8.6AI score0.91398EPSS

Exploits13References3

seebug.org•added 2012/11/19 12:0 a.m.•34 views

Bugzilla User.get()组信息泄露漏洞

BUGTRAQ ID: 56504 CVE ID: CVE-2012-4198 Bugzilla是一个开源的缺陷跟踪系统，它可以管理软件开发中缺陷的提交，修复，关闭等整个生命周期。 Bugzilla用'groups'参数调用 User.get 方法，根据是否有错误，可泄露组的存在信息。如果用户调用不属于这些组的User.get 方法，也会出现错误。 0 Mozilla Bugzilla 4.x Mozilla Bugzilla 3.x 厂商补丁： Mozilla ------- 目前厂商已经发布了升级补丁3.6.12, 4.0.9, 4.2.4, 4.4rc1...

4CVSS0.3AI score0.00183EPSS

Exploits1

NVD•added 2012/11/16 12:24 p.m.•14 views

CVE-2012-4198

The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover privat...

4CVSS6AI score0.00183EPSS

Exploits1References3

NVD•added 2012/11/16 12:24 p.m.•20 views

CVE-2012-5884

The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198...

5CVSS6.1AI score0.0026EPSS

Exploits0References3