Lucene search
K

49 matches found

EUVD
EUVD
added 2025/11/07 5:12 a.m.7 views

EUVD-2025-38242

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Playlists feature is vulnerable to stored Cross-site Scripting XSS,specifically in the Playlist Name field. An authenticated low-privileged user can create a playlist with a malicious name containi...

8.6CVSS5.9AI score0.00248EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.9 views

PT-2025-45443

Name of the Vulnerable Software and Affected Versions File Station 5 versions prior to 5.5.6.5018 Description A flaw exists where a remote attacker, having obtained a user account, could potentially trigger a denial-of-service DoS attack due to a NULL pointer dereference. Recommendations Update t...

5.3CVSS6.4AI score0.00332EPSS
Exploits0References3
CVE
CVE
added 2025/10/27 2:32 a.m.29 views

CVE-2025-12205

Kamailio 5.5 is affected by a vulnerability in the function sr_push_yy_state (src/core/cfg.lex) that causes use-after-free. The issue requires local access to exploit. Public exploit exists, but the real-world existence of the vulnerability has been doubted in the sources. Connected advisories (R...

7.8CVSS4.8AI score0.00207EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/25 12:0 a.m.7 views

PT-2025-43699

Name of the Vulnerable Software and Affected Versions BackWPup – WordPress Backup & Restore Plugin versions prior to 5.5.1 Description The BackWPup – WordPress Backup & Restore Plugin for WordPress is susceptible to unauthorized data access. A missing capability check on the backwpup working AJAX...

5.3CVSS5.7AI score0.00254EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.5 views

PT-2025-38625

Name of the Vulnerable Software and Affected Versions Libraesva Email Security Gateway versions 4.5 through 5.5.x before 5.5.7 Libraesva Email Security Gateway version 5.0 through 5.0.31 Libraesva Email Security Gateway version 5.1 through 5.1.20 Libraesva Email Security Gateway version 5.2 throu...

6.1CVSS9.3AI score0.01929EPSS
Exploits0References49
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.6 views

PT-2025-33095

Name of the Vulnerable Software and Affected Versions: Sysax Multi Server versions prior to 5.55 Description: Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker provides an overly long username during authentication, the serv...

9.8CVSS6.7AI score0.0284EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.7 views

PT-2025-6949

Name of the Vulnerable Software and Affected Versions: Dell SupportAssist OS Recovery versions prior to 5.5.13.1 Description: The issue concerns a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary fil...

7.8CVSS6.2AI score0.00167EPSS
Exploits0References7
OSV
OSV
added 2025/01/15 4:15 p.m.5 views

CVE-2024-56295

Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through 5.5.6...

6.5CVSS7.3AI score0.00429EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/23 12:0 a.m.17 views

PT-2023-31778 · WordPress · The Contact Form By Formget

Name of the Vulnerable Software and Affected Versions: The Contact Form by FormGet plugin for WordPress versions up to, and including, 5.5.5 Description: The issue is related to Stored Cross-Site Scripting via the formget shortcode due to insufficient input sanitization and output escaping on...

6.4CVSS5.4AI score0.00364EPSS
Exploits0References6
OSV
OSV
added 2023/07/18 3:15 a.m.5 views

CVE-2023-3714

The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'editgroup' handler in versions up to, and including, 5.5.2. This makes it possible for authenticated attackers, with group ownership, to update group options, includin...

8.8CVSS7.3AI score0.00692EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/22 12:0 a.m.6 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O versions 5.0 to 5.5, which is caused by an...

6CVSS6.1AI score0.00311EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2020/10/21 12:0 a.m.6 views

PT-2020-4568 · Oracle · Oracle Business Intelligence Enterprise Edition

Name of the Vulnerable Software and Affected Versions: Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, 12.2.1.4.0 Description: The issue is related to insufficient input validation in the Installation component of Oracle Business Intelligence Enterprise Edition,...

7.8CVSS8.9AI score0.97233EPSS
Exploits2References9
OSV
OSV
added 2020/03/12 9:15 p.m.6 views

ALPINE-CVE-2020-0556

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access...

7.1CVSS7.4AI score0.01033EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/23 12:0 a.m.11 views

Trend Micro Email Encryption Gateway Cross-Site Request Forgery Vulnerability

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. A cross-site request forgery vulnerability exists in Trend Micro Email Encryptio...

8.8CVSS6.8AI score0.02227EPSS
Exploits5References1
CNVD
CNVD
added 2018/01/22 12:0 a.m.5 views

SQL Injection Vulnerability in Daimi CMS v5.5.3

DAMI CMS is a free open source, fast, simple PC station and cell phone station integration integration system, is committed to providing users with simple, fast PC station and smart phone station solutions. A SQL injection vulnerability exists in the version V5.5.32017-04-15 of DAMI CMS, which ca...

7.8AI score
Exploits0
OSV
OSV
added 2017/10/23 1:8 p.m.12 views

USN-3459-1 mysql-5.5, mysql-5.7 vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.58 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10 have been updated to MySQL 5.7.20. In addition to security fixes, the...

7.5CVSS6.7AI score0.04291EPSS
Exploits0References17
OSV
OSV
added 2017/05/05 7:29 p.m.6 views

CVE-2016-8916

IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472...

5.5CVSS5.8AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2017/02/03 7:59 a.m.5 views

CVE-2016-8216

EMC Data Domain OS DD OS 5.4 all versions, EMC Data Domain OS DD OS 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS DD OS 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS DD OS 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could...

6.7CVSS5.8AI score0.00812EPSS
Exploits0References3
CNVD
CNVD
added 2016/12/22 12:0 a.m.3 views

VMware ESXi HTML Injection Vulnerability

VMware ESXi is a bare-metal virtualization hypervisor from VMware that is installed directly on a physical server and divides the physical server into multiple virtual machines. The program features less disk space, higher reliability and security. An HTML injection vulnerability exists in VMware...

5.4CVSS7.7AI score0.01129EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/29 12:0 a.m.7 views

VMware vSphere Client XML External Entity Information Disclosure Vulnerability

VMware vSphere is a virtualization platform for building cloud computing infrastructures from VMware that simplifies IT operations by separating applications and operating systems from the underlying hardware.VMware vSphere Client is a client software for VMware vSphere. An XML external entity...

5.8CVSS6.2AI score0.01227EPSS
Exploits0References1
Rows per page
Query Builder