Lucene search

1395 matches found

CNNVD
added 2025/01/14 12:0 a.m. · 4 views

H3C N12 V100R005 Security Vulnerability

The H3C N12 V100R005 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C N12 V100R005 version; it stems from a lack of length validation in the 5G wireless network processing function, which could lead to an attacker crashing a remote target device or...

CVSS 9.8 · AI score 7.1 · EPSS 0.00834
Exploits 0 · References 1

OSV
added 2025/01/07 1:15 p.m. · 2 views

CVE-2024-12131

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for authenticated...

CVSS 4.3 · AI score 7.3 · EPSS 0.00303
Exploits 0 · References 2

OSV
added 2025/01/06 5:15 p.m. · 3 views

UBUNTU-CVE-2023-6604

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation...

CVSS 5.3 · AI score 6.7 · EPSS 0.0043
Exploits 1 · References 3

Positive Technologies
added 2025/01/06 12:0 a.m. · 3 views

PT-2025-2407 · Qualcomm · Snapdragon +32

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions.
Description: The issue is related to memory corruption that occurs when input parameter validation for the number of fences is missing for fence frame IOCTL calls...

CVSS 7.8 · AI score 7.1 · EPSS 0.00128
Exploits 0 · References 6

OSV
added 2024/12/26 6:15 a.m. · 4 views

CVE-2024-10903

The Broken Link Checker WordPress plugin before 2.4.2 does not validate the link URLs before making a request to them, which could allow admin users to perform an SSRF attack, for example on a multisite installation...

CVSS 4.7 · AI score 7.3 · EPSS 0.00347
Exploits 1 · References 1

Positive Technologies
added 2024/12/25 12:0 a.m. · 4 views

PT-2024-17683 · WordPress · Wplegalpages

Name of the Vulnerable Software and Affected Versions: WP Legal Pages plugin for WordPress versions up to, and including, 3.2.6
Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the create popup delete process function. This allows...

CVSS 4.3 · AI score 9.2 · EPSS 0.00167
Exploits 0 · References 7

Positive Technologies
added 2024/12/19 12:0 a.m. · 4 views

PT-2024-36737 · Altair · Altair

Name of the Vulnerable Software and Affected Versions: Altair versions prior to v12.24Q4.1
Description: The issue is related to a lack of validation and authentication in the image proxy for compressing and resizing remote files, which could allow attacks affecting availability. This could result...

CVSS 8.6 · AI score 7.5 · EPSS 0.00579
Exploits 0 · References 9

OSV
added 2024/12/10 5:15 p.m. · 2 views

CVE-2024-55545

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS). This issue affects IAP-420 version 2.01e and below...

CVSS 6.1 · AI score 5.8 · EPSS 0.00293
Exploits 1 · References 2

OSV
added 2024/12/10 4:15 p.m. · 5 views

CVE-2024-55544

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level. This issue affects IAP-420 version 2.01e and below...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 2

OSV
added 2024/11/22 10:15 p.m. · 4 views

CVE-2024-9252

Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 7.8 · AI score 4.7 · EPSS 0.00448
Exploits 0 · References 2

OSV
added 2024/11/22 9:15 p.m. · 8 views

CVE-2024-9729

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target mus...

CVSS 7.8 · AI score 6.2
Exploits 0 · References 1

OSV
added 2024/11/22 9:15 p.m. · 7 views

CVE-2024-9725

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target mus...

CVSS 7.8 · AI score 6.2 · EPSS 0.00324
Exploits 0 · References 1

OSV
added 2024/11/22 9:15 p.m. · 3 views

CVE-2024-11525

IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...

CVSS 7.8 · AI score 6.2 · EPSS 0.00423
Exploits 0 · References 1

CNNVD
added 2024/11/18 12:0 a.m. · 2 views

WordPress plugin SimpleGMaps Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripti...

CVSS 6.5 · AI score 7.7 · EPSS 0.00231
Exploits 0 · References 1

CNNVD
added 2024/11/14 12:0 a.m. · 18 views

Harbor Authorization Issue Vulnerability

Harbor is an open source registry from Harbor Open Source. Artifacts are protected through policies and role-based access control to ensure that images are scanned and are not vulnerable, and that images are signed as trusted. Harbor suffers from an authorization issue vulnerability that stems fr...

CVSS 7.7 · AI score 7.3 · EPSS 0.00396
Exploits 0 · References 1

CNNVD
added 2024/11/12 12:0 a.m. · 3 views

Dell SmartFabric OS10 Command Injection Vulnerability

Dell SmartFabric OS10 is a Debian Linux-based network operating system from Dell Networking designed to run on its PowerSwitch platform. A command injection vulnerability exists in Dell SmartFabric OS10 that stems from the system not filtering and validating user input at command execution. An...

CVSS 7.8 · AI score 8.1 · EPSS 0.00758
Exploits 0 · References 1

Positive Technologies
added 2024/11/12 12:0 a.m. · 6 views

PT-2024-39789 · Trimble · Trimble Sketchup Viewer

Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified
Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this issue, where...

CVSS 7.8 · AI score 7.2 · EPSS 0.00324
Exploits 0 · References 5

Positive Technologies
added 2024/11/06 12:0 a.m. · 4 views

PT-2024-39134

Name of the Vulnerable Software and Affected Versions: JobSearch WP Job Board plugin for WordPress versions up to, and including, 2.6.7
Description: The issue is related to missing file type validation in the jobsearch wp handle upload function, allowing authenticated attackers with...

CVSS 9.9 · AI score 7.9 · EPSS 0.00764
Exploits 0 · References 11

CNNVD
added 2024/11/05 12:0 a.m. · 5 views

Gitsign Security Vulnerability

Gitsign is a tool from the individual developers of Gitsign that enables keyless signing of Git commits. A security vulnerability exists in Gitsign that stems from the fact that there is no additional validation to ensure that the hash of an entry matches the payload being validated...

CVSS 1.8 · AI score 4.4 · EPSS 0.00116
Exploits 0 · References 2

Positive Technologies
added 2024/10/30 12:0 a.m. · 5 views

PT-2024-39629 · WordPress · Wpglobus Translate Options

Name of the Vulnerable Software and Affected Versions: WPGlobus Translate Options plugin for WordPress versions up to, and including, 2.2.0
Description: The issue is due to missing or incorrect nonce validation on the on translate options page function, making it possible for unauthenticated...

CVSS 6.1 · AI score 7.1 · EPSS 0.00158
Exploits 0 · References 6