CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-13382

Malware in sbrugna...

6.1CVSS6.3AI score0.0033EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 4:29 p.m.•4 views

CVE-2020-20597

A cross-site scripting XSS vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score0.0033EPSS

Exploits1

NVD•added 2023/11/16 6:15 p.m.•9 views

CVE-2023-48053

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

7.5CVSS0.00155EPSS

Exploits0References1

OSV•added 2023/11/16 6:15 p.m.•13 views

CVE-2023-48053

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

7.5CVSS6.6AI score

Exploits0References1

CNNVD•added 2023/11/16 12:0 a.m.•2 views

Archery Security Vulnerabilities

Archery is an open source set of vulnerability assessment and management tools. A security vulnerability exists in Archery version v1.10.0 that stems from the use of non-random or static IVs for Cipher Block Linking CBC mode in AES encryption, which could lead to information and communication...

7.5CVSS6.5AI score0.00155EPSS

Exploits0References2

Cvelist•added 2023/11/16 12:0 a.m.•13 views

CVE-2023-48053

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

7.5AI score0.00155EPSS

Exploits0References1

Vulnrichment•added 2023/11/16 12:0 a.m.•7 views

CVE-2023-48053

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

6.5AI score0.00155EPSS

Exploits0References1

Vulnrichment•added 2023/01/30 12:0 a.m.•10 views

CVE-2022-32514

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to gain control of the device when logging into a web page. Affected Products: C-Bus Network Automation Controller - LSS5500NAC Versions prior to V1.10.0, Wiser for C-Bus Automation Controller - LSS5500SHAC...

9.8CVSS9.7AI score0.0046EPSS

Exploits0References1

Prion•added 2022/10/24 2:15 p.m.•13 views

Stack overflow

A stack-based buffer overflow vulnerability in a subfunction of the Loginhandlerfunc function of spxrestservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

7.5CVSS9.7AI score0.01373EPSS

Exploits0References2Affected Software1

NVD•added 2021/12/22 11:15 p.m.•9 views

CVE-2020-20597

A cross-site scripting XSS vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS0.0033EPSS

Exploits1References1

OSV•added 2021/12/22 11:15 p.m.•7 views

CVE-2020-20598

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score

Exploits0References1

NVD•added 2021/12/22 11:15 p.m.•14 views

CVE-2020-20598

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS0.0033EPSS

Exploits1References1

OSV•added 2021/12/22 11:15 p.m.•10 views

CVE-2020-20597

A cross-site scripting XSS vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score

Exploits0References1

Prion•added 2021/12/22 11:15 p.m.•11 views

Cross site scripting

A cross-site scripting XSS vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

4.3CVSS6AI score0.0033EPSS

Exploits1References1Affected Software1

Prion•added 2021/12/22 11:15 p.m.•14 views

Cross site scripting

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

4.3CVSS6AI score0.0033EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/12/22 10:40 p.m.•11 views

CVE-2020-20598

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

6AI score0.0033EPSS

Exploits1References1

CVE•added 2021/12/22 10:40 p.m.•39 views

CVE-2020-20598

The vulnerability is in Lemon OA v1.10.0, specifically in the Editing component, where a cross-site scripting (XSS) flaw enables attackers to execute arbitrary web scripts or HTML. Root cause is an XSS in the Editing module; context and exact vulnerable entry points are not detailed in the provid...

6.1CVSS6AI score0.0033EPSS

Exploits1References1Affected Software1

CVE•added 2021/12/22 10:40 p.m.•42 views

CVE-2020-20597

The CVE-2020-20597 entry concerns a cross-site scripting (XSS) vulnerability in Lemon OA version 1.10.0, affecting the potrtalItemName parameter in webPortalController.java. Public descriptions across NVD/Red Hat CNVD/etc confirm the root cause is unescaped user input in that parameter, enabling ...

6.1CVSS6AI score0.0033EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/01/28 3:0 p.m.•11 views

CVE-2019-6986

SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...

7.8AI score0.01079EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by