
14 matches found

RedhatCVE
added 2025/05/22 3:51 p.m., 7 views

CVE-2020-18451

Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php...

CVSS 4.8, AI score 6, EPSS 0.00527
Exploits 1

Prion
added 2023/12/26 8:15 a.m., 19 views

Code injection

The App Settings /admin/app page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page...

CVSS 4, AI score 6.6, EPSS 0.00317
Exploits 0, References 2, Affected Software 1

Prion
added 2023/07/19 8:15 p.m., 35 views

Design/Logic Flaw

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. aiohttp v3.8.4 and earlier are bundled with llhttp v6.0.6. Vulnerable code is used by aiohttp for its HTTP request parser when available which is the default case when installing from a wheel. This vulnerability only...

CVSS 5, AI score 7.5, EPSS 0.01422
Exploits 1, References 4, Affected Software 1

OSV
added 2022/11/14 6:34 p.m., 10 views

GSD-2022-1006699 KVM: arm64: vgic: Fix exit condition in scan_its_table()

KVM: arm64: vgic: Fix exit condition in scan_its_table() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.6 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/11/14 6:33 p.m., 9 views

GSD-2022-1006693 i40e: Fix DMA mappings leak

i40e: Fix DMA mappings leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.6 by commit 5f499596dfa3db9b3172645b6de9e1096a669c95, it was...

AI score 7.2
Exploits 0

OSV
added 2022/11/14 6:33 p.m., 6 views

GSD-2022-1006689 ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed

ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.6 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/11/14 6:33 p.m., 6 views

GSD-2022-1006688 cifs: Fix xid leak in cifs_create()

cifs: Fix xid leak in cifs_create() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.6 by commit 92aa09c86ef297976a3c27c6574c0839418dc2c4, it w...

AI score 7.2
Exploits 0

OSV
added 2022/11/14 6:31 p.m., 11 views

GSD-2022-1006674 iommu/vt-d: Clean up si_domain in the init_dmars() error path

iommu/vt-d: Clean up si_domain in the init_dmars() error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.6 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/11/14 6:31 p.m., 10 views

GSD-2022-1006669 mm: /proc/pid/smaps_rollup: fix no vma's null-deref

mm: /proc/pid/smaps_rollup: fix no vma's null-deref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.6 by commit...

AI score 7.2
Exploits 0

NVD
added 2021/11/15 3:15 p.m., 19 views

CVE-2021-22959

The parser in accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS) in llhttp v2.1.4 and v6.0.6...

CVSS 6.5, EPSS 0.02936
Exploits 1, References 3

Prion
added 2021/08/12 7:15 p.m., 16 views

Cross site request forgery (csrf)

Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin account via admin.php?s=/Admin/doadd...

CVSS 6, AI score 8, EPSS 0.00458
Exploits 1, References 1, Affected Software 1

Prion
added 2021/08/12 6:15 p.m., 19 views

Cross site scripting

Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php...

CVSS 3.5, AI score 4.9, EPSS 0.00527
Exploits 1, References 1, Affected Software 1

Cvelist
added 2021/08/12 5:26 p.m., 23 views

CVE-2020-18451

Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php...

AI score 5, EPSS 0.00527
Exploits 1, References 1

0day.today
added 2010/01/02 12:0 a.m., 31 views

VirtualDJ Trial v6.0.6 "New Year Edition" m3u Exploit (0day)

Exploit for unknown platform in category dos / poc. VirtualDJ Trial v6.0.6 "New Year Edition" m3u Exploit 0day. Title: VirtualDJ Trial v6.0.6 "New Year Edition" m3u Exploit 0day...

AI score 7
Exploits 0