Lucene search
+L

304 matches found

Positive Technologies
Positive Technologies
added 2022/01/24 12:0 a.m.8 views

PT-2022-11456

Name of the Vulnerable Software and Affected Versions Sourcecodester Banking System version 1 Description The issue allows attackers to execute arbitrary SQL commands via the username or password field, potentially leading to unauthorized access or data manipulation. Recommendations For...

9.8CVSS8AI score0.01254EPSS
Exploits1References5
ALT Linux
ALT Linux
added 2021/12/27 12:0 a.m.46 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.52-alt1

1:2.4.52-alt1 built Dec. 27, 2021 Anton Farygin in task 292417 Dec. 21, 2021 Anton Farygin - 2.4.52 Fixes: CVE-2021-44790, CVE-2021-44224...

7.5CVSS9.3AI score0.97108EPSS
Exploits4
ALT Linux
ALT Linux
added 2021/10/11 12:0 a.m.62 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.51-alt1

1:2.4.51-alt1 built Oct. 11, 2021 Anton Farygin in task 286598 Oct. 10, 2021 Anton Farygin - 2.4.51 Fixes: CVE-2021-42013...

7.5CVSS8.7AI score0.99964EPSS
Exploits176
ALT Linux
ALT Linux
added 2021/10/07 12:0 a.m.86 views

Security fix for the ALT Linux 9 package apache2 version 1:2.4.50-alt1

Oct. 7, 2021 Anton Farygin 1:2.4.50-alt1 - 2.4.50 Fixes: CVE-2021-41773, CVE-2021-41524...

5CVSS7.9AI score0.99992EPSS
Exploits151
GitLab Advisory Database
GitLab Advisory Database
added 2021/09/01 12:0 a.m.45 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0...

7.5CVSS4.9AI score0.04441EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/08/27 7:15 p.m.5 views

CVE-2021-28233

Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the okjpggeneratehuffmantable function in okjpg.c...

8.8CVSS5.8AI score0.01064EPSS
Exploits1References1
ALT Linux
ALT Linux
added 2021/08/20 12:0 a.m.34 views

Security fix for the ALT Linux 9 package systemd version 1:246.16-alt1

1:246.16-alt1 built Aug. 20, 2021 Alexey Shabalin in task 283283 Aug. 18, 2021 Alexey Shabalin - 246.16 Fixes CVE-2020-13529 - Package /lib/systemd/system-shutdown and /lib/systemd/system-sleep dirs ALT 39349. - Delete resovconfopenresolv settings before add ALT 33589...

2.9CVSS6.7AI score0.01399EPSS
Exploits1
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.6 views

Apache ServiceComb Service-Center 路径遍历漏洞

Apache ServiceComb Service-Center is a Restful-based service registry from the Apache Foundation that provides microservice discovery and microservice management. Apache ServiceComb Service-Center is vulnerable to a path traversal vulnerability in version 1.x.x. The vulnerability stems from A...

7.5CVSS5.7AI score0.04441EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2021/07/27 12:0 a.m.247 views

Customer Relationship Management System (CRM) 1.0 - Sql Injection Authentication Bypass

Exploit Title: Customer Relationship Management System CRM 1.0 - Sql Injection Authentication Bypass Date: 27/07/2021 Exploit Author: ShafiqueWasta Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
Huntr
Huntr
added 2021/07/02 6:53 p.m.13 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

💥 BUG xss via groupname 💥 VERSION TESTED latest version as of 1/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. first goto http://localhost/online-invoice2/app/admin/pageEditGroup.php and add a new group and put bellow xss payload in group-name....

1AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/06/29 3:13 a.m.89 views

Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem

Impact The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions: - A user is allowed to supply the path or filename of an uploaded file. - The supplied...

9.8CVSS3.5AI score0.03486EPSS
Exploits2References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.35 views

Debian DLA-2683-1 : rxvt security update

rxvt, VT102 terminal emulator for the X Window System, allowed potentially remote code execution because of improper handling of certain escape sequences ESC G Q. For Debian 9 stretch, this problem has been fixed in version 1:2.7.10-7+deb9u2. We recommend that you upgrade your rxvt packages. For...

8.8CVSS7.8AI score0.04012EPSS
Exploits2References5
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.5 views

TYPO3 跨站脚本漏洞

TYPO3 is a free and open source content management system framework from the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in version 1.x prior to TYPO3 1.3.3, which stems from insufficient innocuous handling of user-supplied data, and can be exploited by attackers to condu...

5.4CVSS5.2AI score0.00534EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/04/12 12:0 a.m.35 views

Debian DLA-2622-1 : python-django security update

It was discovered that there was a potential directory traversal issue in Django, a Python-based web development framework. The vulnerability could have been exploited by maliciously crafted filenames. However, the upload handlers built into Django itself were not affected. For Debian 9 'Stretch'...

5.3CVSS6.5AI score0.03865EPSS
Exploits0References4
Debian
Debian
added 2021/04/10 3:46 p.m.162 views

[SECURITY] [DSA 4889-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4889-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 10, 2021 https://www.debian.org/security/faq -...

7.5CVSS7.8AI score0.03906EPSS
Exploits7
CNNVD
CNNVD
added 2021/04/06 12:0 a.m.6 views

VIGRA 安全漏洞

Hans Meine vigra is a Hans Meine open source application. It is a computer vision library. A security vulnerability exists in VIGRA Computer Vision Library Version-1-11-1, which stems from the inclusion of a segmentation error in impex, a crafted file that can lead to a denial of service...

6.5CVSS6.5AI score0.01044EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/04/06 12:0 a.m.239 views

Debian DSA-4885-1 : netty - security update

Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

9.1CVSS6.4AI score0.18891EPSS
Exploits4References10
Prion
Prion
added 2021/03/10 3:15 a.m.21 views

Integer overflow

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request...

5CVSS7.6AI score0.16354EPSS
Exploits3References4Affected Software1
NVD
NVD
added 2021/03/03 11:15 p.m.32 views

CVE-2021-21331

The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive...

4.3CVSS0.00563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/02 12:0 a.m.25 views

Debian DLA-2578-1 : thunderbird security update

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. For Debian 9 stretch, these problems have been fixed in version 1:78.8.0-1deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed...

8.8CVSS7.8AI score0.0153EPSS
Exploits0References7
Rows per page
Query Builder