Lucene search
+L

362 matches found

OSV
OSV
added 2022/05/31 10:15 a.m.5 views

CVE-2021-3555

A Buffer Overflow vulnerability in the RSTP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution. This issue affects: Eufy Indoor 2K Indoor Camera 2.0.9.3 version and prior versions...

8.8CVSS6AI score0.00818EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.4 views

PT-2022-8884 · Form.Io · Form.Io

Name of the Vulnerable Software and Affected Versions: Form.io version 2.0.0 Description: A Server-Side Template Injection SSTI issue was discovered, leading to Remote Code Execution during the deletion of the default Email template URL. The email templating service was removed after 2020. The...

9.8CVSS8.1AI score0.02177EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/05/12 9:15 a.m.3 views

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

8.7CVSS5.9AI score0.0083EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/05/05 12:0 a.m.5 views

LibreHealth EHR 跨站脚本漏洞

LibreHealth EHR is a clinically-focused Electronic Health Record EHR system designed to be easy to use out-of-the-box or customized for use in a variety of healthcare settings. A security vulnerability exists in LibreHealth EHR 2.0.0, which stems from the lack of filter escaping for the GET...

5.4CVSS5.8AI score0.00834EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/03/12 12:0 a.m.5 views

PT-2022-18146 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 2.0 Description: The issue is a heap-based buffer overflow in the gf base64 encode function. It can be triggered via MP4Box. Recommendations: For GPAC version 2.0, at the moment, there is no information about a newer version that...

9.8CVSS7.7AI score0.04615EPSS
Exploits98References240
ATTACKERKB
ATTACKERKB
added 2022/03/10 5:46 p.m.5 views

CVE-2022-24608

Luocms v2.0 is affected by Cross Site Scripting XSS in /admin/news/sortadd.php and /inc/function.php...

6.1CVSS6.4AI score0.00665EPSS
Exploits1References2
OSV
OSV
added 2022/03/04 10:15 p.m.4 views

CVE-2021-27756

"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."...

7.5CVSS5.7AI score0.00557EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/03 3:15 a.m.6 views

CVE-2022-23357

mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curentdir...

9.1CVSS7.2AI score0.19877EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/02/03 12:0 a.m.4 views

PT-2022-15950 · Mozilo · Mozilo

Name of the Vulnerable Software and Affected Versions: mozilo version 2.0 Description: The issue allows directory traversal attacks via the curent dir parameter. Recommendations: For version 2.0, consider restricting access to the curent dir parameter to minimize the risk of exploitation...

9.1CVSS9.2AI score0.19877EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/01/18 6:15 a.m.7 views

CVE-2022-0245

Cross-Site Request Forgery CSRF in GitHub repository livehelperchat/livehelperchat prior to 2.0...

5.7CVSS5.8AI score0.00439EPSS
Exploits1References3
OSV
OSV
added 2021/12/26 12:15 a.m.5 views

CVE-2021-37569

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write...

8.8CVSS5.8AI score0.01197EPSS
Exploits0References2
OSV
OSV
added 2021/12/26 12:15 a.m.6 views

CVE-2021-37570

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read...

7.5CVSS5.8AI score0.01118EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/11/10 12:0 a.m.3 views

Pdf2xml 代码问题漏洞

pdftoxml is an open source PDF to XML converter. pdftoxml version 2.0 of the TextPage::restoreState function has a null pointer dereference vulnerability. An attacker can exploit this vulnerability to cause a denial of service...

7.5CVSS5.7AI score0.01361EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.6 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress plugin WP Header Images version 2.0.1...

6.1CVSS5.2AI score0.008EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.8 views

IBM Data Risk Manager 加密问题漏洞

IBM Data Risk Manager is a data risk manager from IBM Corporation of the United States. The product supports discovery, analysis and visualization of business risk data, etc. A security vulnerability exists in IBM Data Risk Manager iDNA 2.0.6, which could be exploited by an attacker to decrypt...

7.5CVSS5.7AI score0.00665EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.5 views

October CMS 授权问题漏洞

October CMS is an open source content management system CMS based on PHP and the Laravel web application framework. October CMS suffers from an authorization issue vulnerability where a previously deleted administrator account may still be able to log into the backend using October CMS v2.0...

7.2CVSS7.1AI score0.01056EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/10/04 12:15 p.m.3 views

CVE-2021-41878

A reflected cross-site scripting XSS vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...

6.1CVSS6.6AI score0.09912EPSS
Exploits4References5
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.4 views

WordPress 插件 SQL注入漏洞

The WordPress plugin uListing is a directory and listing plugin based on Vue.js. A SQL injection vulnerability exists in the custom parameter of the WordPress plugin uListing 2.0.3 and earlier versions. No details of the vulnerability are currently available...

9.8CVSS8.5AI score0.02067EPSS
Exploits1References3
OSV
OSV
added 2021/09/15 7:15 p.m.6 views

CVE-2021-33692

SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories...

7.5CVSS6.3AI score0.0117EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.5 views

2N Access Unit 信任管理问题漏洞

2N Access Unit is a smart access control reader from the Czech company 2N. A security vulnerability exists in 2N Access Unit, which originates in the 2N Access Unit 2.0,2.31.0.40.5 device, and can be exploited by an attacker to conduct a man-in-the-middle attack disguised as a web relay...

5.9CVSS6.1AI score0.00846EPSS
Exploits0References2
Rows per page
Query Builder