24 matches found
CVE-2024-24425
Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet...
CVE-2024-24425
CVE-2024-24425 affects Magma v1.8.0 and OpenAirInterface (OAI) EPC Federation v1.20. It is caused by an out-of-bounds read in amf_as_establish_req (file /tasks/amf/amf_as.cpp) that can allow an attacker to trigger a Denial of Service via specially crafted NAS packets. Multiple sources (Red Hat, SU...
GO-2022-0620 HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0 in github.com/hashicorp/vault
HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0 in github.com/hashicorp/vault...
CVE-2024-24323
SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component...
CVE-2024-24323
CVE-2024-24323 is a SQL injection vulnerability affecting linlinjava litemall v.1.8.0. The issue arises in AdminOrdercontroller.java where the nickname, consignee, orderSN, and orderStatusArray parameters can be exploited by an attacker to access sensitive information. Multiple sources (NVD, Red ...
Kubernetes: Code inject via nginx.ingress.kubernetes.io/permanent-redirect annotation
The nginx.ingress.kubernetes.io/permanent-redirect annotation was not properly sanitized when passed into the nginx configuration, allowing code injection from users able to create ingress objects. This allowed commands to be run on the ingress-nginx-controller pod and the Kubernetes API to be...
CVE-2023-26780
CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection...
GHSA-2263-JWGM-WV97 Showdoc XSS Vulnerability
ShowDoc v1.8.0 has XSS via a new page...
GHSA-23FQ-Q7HC-993R HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0
HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0...
HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0
HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0...
CVE-2020-26042
An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php...
CVE-2020-26043
An issue was discovered in Hoosk CMS v1.8.0. There is an XSS vulnerability in install/index.php...
Remote code execution
An issue was discovered in Hoosk CMS v1.8.0. There is a Remote Code Execution vulnerability in install/index.php...
CVE-2020-26042
CVE-2020-26042 affects Hoosk CMS v1.8.0 with a SQL injection vulnerability in install/index.php. Per the connected NVD record, the issue yields partial confidentiality, partial integrity, and partial availability impacts (CVSS v2 base 7.5, HIGH; CVSS v3.1 base 9.8, CRITICAL). Exploitation details...
JVN#74699196: SHIRASAGI vulnerable to open redirect
SHIRASAGI provided by SHIRASAGI Project contains an open redirect vulnerability (CWE-601). Impact: When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution: Update the Software. Update to the...
Design/Logic Flaw
ShowDoc v1.8.0 has XSS via a new page...
CVE-2018-16342
ShowDoc v1.8.0 has XSS via a new page...