Lucene search
K

7 matches found

OSV
OSV
added yesterday4 views

ROOT-OS-UBUNTU-2204-CVE-2025-39823 CVE-2025-39823 in rootio-linux - Patched by Root

Root has patched CVE-2025-39823 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.8CVSS6.9AI score0.00165EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/09 12:0 a.m.6 views

Ubuntu 22.04 LTS : Zutty vulnerability (USN-8078-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8078-1 advisory. Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary...

9.8CVSS6.1AI score0.01754EPSS
Exploits1References2
OSV
OSV
added 2026/02/19 6:24 p.m.3 views

CVE-2026-23617

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Spam Keyword Checking Body conditions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pvGeneral$TXBCondition parameter to...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References2
OSV
OSV
added 2026/02/19 6:24 p.m.5 views

CVE-2026-23606

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Advanced Content Filtering rule creation workflow. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$txtRuleName parameter to...

5.4CVSS5.8AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

GFI MailEssentials AI 安全漏洞

GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from a storage cross-site scripting vulnerability in...

5.4CVSS5.6AI score0.00163EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/10/17 12:0 a.m.1 views

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

5.4CVSS6.2AI score0.00394EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.3 views

4C Strategies Exonaut 安全漏洞

4C Strategies Exonaut is a training, exercise and readiness management platform from the Swedish company 4C Strategies. A security vulnerability exists in versions prior to 4C Strategies Exonaut v22.4 that stems from an access control issue...

5.3CVSS6.6AI score0.00294EPSS
Exploits0References3
Rows per page
Query Builder