Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.4 views

PT-2025-25170 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions 4.10.0.0 through 4.20.0.0 Description: A privilege escalation issue exists where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type, allowing the attacker to...

9CVSS6.7AI score0.00499EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/05/07 8:59 a.m.15 views

CVE-2025-27533 Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...

6.9CVSS5.3AI score0.08453EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.5 views

PT-2024-10156 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.0 through 17.4.6 GitLab CE/EE versions 17.5 through 17.5.4 GitLab CE/EE versions 17.6 through 17.6.2 Description: The issue is related to the GraphQL Mutation Handler component of the GitLab platform, which can lead t...

4CVSS5.9AI score0.00216EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.3 views

PT-2024-9187 · Django +5 · Django +5

Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.17 Django versions 5.0 through 5.0.10 Django versions 5.1 through 5.1.4 Description: An issue was discovered in Django when using an Oracle database. Direct usage of the django.db.models.fields.json.HasKey look...

9.8CVSS7.5AI score0.01424EPSS
Exploits0References73
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.5 views

PT-2024-22666 · Apache · Cloudstack

Name of the Vulnerable Software and Affected Versions: CloudStack versions prior to 4.18.1.1 CloudStack versions prior to 4.19.0.1 Description: The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 3...

7.3CVSS7.1AI score0.00785EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.6 views

PT-2022-23163 · Nextcloud · Nextcloud Files Access Control App

Name of the Vulnerable Software and Affected Versions: Nextcloud Files Access Control app versions prior to 1.12.2 Nextcloud Files Access Control app versions prior to 1.13.1 Nextcloud Files Access Control app versions prior to 1.14.1 Description: The Nextcloud Files Access Control app has an iss...

4.3CVSS4.5AI score0.0042EPSS
Exploits0References6
Rows per page
Query Builder