Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:33 a.m.9 views

CVE-2024-39171

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix...

9.8CVSS7.5AI score0.01247EPSS
Exploits1References1
NCSC
NCSC
added 2025/12/24 11:29 a.m.11 views

Vulnerability fixed in HPE OneView Software

HPE has fixed a vulnerability in the HPE OneView Software. The vulnerability is in the way the OneView Software handles remote requests. When HPE OneView Software is accessible over the Internet, unauthenticated remote users can execute code. This could allow attackers to gain control of affected...

10CVSS7.3AI score0.89733EPSS
Exploits8References1
NVD
NVD
added 2025/12/08 10:15 p.m.4 views

CVE-2025-36102

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security...

2.7CVSS0.00193EPSS
Exploits0References1
NVD
NVD
added 2025/09/27 1:15 a.m.6 views

CVE-2025-59936

get-jwks contains fetch utils for JWKS keys. In versions prior to 11.0.2, a vulnerability in get-jwks can lead to cache poisoning in the JWKS key-fetching mechanism. When the iss issuer claim is validated only after keys are retrieved from the cache, it is possible for cached keys from an...

9.4CVSS0.00372EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:16 a.m.5 views

CVE-2023-42232

Pat Infinite Solutions HelpdeskAdvanced = 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function...

7.5CVSS6.9AI score0.00939EPSS
Exploits0References1
CVE
CVE
added 2025/01/13 12:0 a.m.34 views

CVE-2023-42232

Pat Infinite Solutions HelpdeskAdvanced is affected (versions

7.5CVSS6.6AI score0.00939EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:18 a.m.5 views

SUSE CVE-2019-2818

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

3.1CVSS6.5AI score0.01636EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/05/21 5:21 a.m.2 views

QND vulnerable to privilege escalation

Overview QND provided by QualitySoft Corporation contains a privilege escalation vulnerability CWE-268. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. RedTeam reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

7.8CVSS6.7AI score0.0022EPSS
Exploits0References5
CNVD
CNVD
added 2020/12/23 12:0 a.m.3 views

Odoo Cross-Site Scripting Vulnerability (CNVD-2020-73762)

Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . A cross-site...

7.1CVSS6.1AI score0.0088EPSS
Exploits0References1
Citrix
Citrix
added 2019/12/22 12:0 a.m.7 views

Unable to access SDWAN management GUI once after upgrading to 11.0.2 and the Device is rebooted

You will experience the GUI accessibility issue when you upgrade SDWAN appliance to 11.0.2 version and when it gets rebooted either automatically or manually...

7.1AI score
Exploits0
CNVD
CNVD
added 2019/04/16 12:0 a.m.3 views

Sophos IPSec Client Access Control Error Vulnerability

Sophos IPSec Client is a VPN client application. An access control error vulnerability exists in Sophos IPSec Client version 11.04 NCPSecure Entry Client version 10.11 r32792. The vulnerability arises from the network system or product not properly restricting access to resources from unauthorize...

9.3CVSS6.9AI score0.00611EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/06 12:0 a.m.3 views

IBM Robotic Process Automation with Automation Anywhere Information Disclosure Vulnerability (CNVD-2018-22535)

IBM Robotic Process Automation with Automation Anywhere is a process automation solution developed by IBM USA and Automation Anywhere. A security vulnerability exists in IBM Robotic Process Automation with Automation Anywhere version 11.0. An attacker could exploit the vulnerability to obtain...

5.3CVSS5.2AI score0.01301EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/06 12:0 a.m.3 views

IBM Robotic Process Automation with Automation Anywhere Remote Code Execution Vulnerability

IBM Robotic Process Automation with Automation Anywhere is a process automation solution developed by IBM USA and Automation Anywhere. A remote code execution vulnerability exists in IBM Robotic Process Automation with Automation Anywhere versions 10.0 and 11.0, which stems from the program not...

9.3CVSS8AI score0.02908EPSS
Exploits0References1
OSV
OSV
added 2016/06/04 2:59 p.m.1 views

CVE-2016-1403

CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005...

7.8CVSS5.9AI score0.0051EPSS
Exploits0References1
Rows per page
Query Builder