Lucene search
+L

36 matches found

Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.14 views

PT-2024-29979 · Fish Shop · Syntax-Check

Name of the Vulnerable Software and Affected Versions: fish-shop/syntax-check versions prior to v1.6.12 fish-shop/syntax-check versions prior to v2.0.0 Description: The issue is related to improper neutralization of delimiters in the pattern input, specifically the command separator ; and command...

6.9CVSS7.2AI score0.00821EPSS
Exploits0References11
Cvelist
Cvelist
added 2023/11/30 5:20 a.m.44 views

CVE-2023-49087 Validation of SignedInfo

xml-security is a library that implements XML signatures and encryption. Validation of an XML signature requires verification that the hash value of the related XML-document matches a specific DigestValue-value, but also that the cryptographic signature on the SignedInfo-tree the one that contain...

6.8CVSS7.6AI score0.00193EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.8 views

PT-2023-8931 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: simplesamlphp/xml-security versions prior to 1.6.12 simplesamlphp/xml-security versions prior to 5.0.0-alpha.13 Description: The issue is related to insufficient validation of XML signatures, which could allow a remote attacker to forge SAML...

7.5CVSS6.9AI score0.00193EPSS
Exploits1References11
CBLMariner
CBLMariner
added 2023/11/08 2:7 a.m.19 views

CVE-2023-43787 affecting package libX11 for versions less than 1.8.7-1

CVE-2023-43787 affecting package libX11 for versions less than 1.8.7-1. An upgraded version of the package is available that resolves this issue...

7.8CVSS7AI score0.00427EPSS
Exploits1
CBLMariner
CBLMariner
added 2023/08/03 2:51 a.m.15 views

CVE-2023-3138 affecting package libX11 for versions less than 1.6.12-6

CVE-2023-3138 affecting package libX11 for versions less than 1.6.12-6. A patched version of the package is available...

7.5CVSS8AI score0.01656EPSS
Exploits0
Patchstack
Patchstack
added 2023/04/19 12:0 a.m.12 views

WordPress ReviewX Plugin <= 1.6.12 is vulnerable to SQL Injection

Software ReviewX Type Plugin Vulnerable versions = 1.6.12 Fixed in 1.6.13 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-26325 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 2483e29b3913 Credits Joshua Martinelle Required privilege Subscriber...

8.8CVSS7.2AI score0.00872EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2022/12/07 11:15 p.m.1 views

DEBIAN-CVE-2022-23471

containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, f...

6.5CVSS6.4AI score0.01022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/07 12:0 a.m.13 views

PT-2022-6020 · Containerd +7 · Kubernetes Containerd +6

Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.6.12 containerd versions prior to 1.5.16 Description: A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle...

9.1CVSS7.7AI score0.27392EPSS
Exploits7References83
CNVD
CNVD
added 2018/09/11 12:0 a.m.6 views

Creme CRM Cross-Site Scripting Vulnerability (CNVD-2019-17467)

Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the organization creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...

5.4CVSS5.3AI score0.00545EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/11 12:0 a.m.6 views

Creme CRM Cross-Site Scripting Vulnerability

Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the salesman creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...

5.4CVSS5.3AI score0.00545EPSS
Exploits1References1
CNVD
CNVD
added 2015/09/06 12:0 a.m.4 views

IBM OpenAFS vlserver Buffer Overflow Vulnerability

IBM OpenAFS is a distributed file system from IBM in the United States that allows sharing of files and resources between systems over LANs and WANs. A security vulnerability exists in IBM OpenAFS 1.6.12 and earlier versions of vlserver server. A remote attacker can exploit this vulnerability to...

4CVSS6.6AI score0.01933EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/13 12:0 a.m.4 views

OpenAFS Denial of Service Vulnerability (CNVD-2015-05293)

OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. A security vulnerability exists in OpenAFS 1.6.12 and earlier versions of vlserver. A remote attacker can exploit this vulnerability to cause a denial of service out-of-bounds re...

6.7AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.12 views

The vulnerability of the Gentoo Linux operating system, which allows a malicious individual to compromise the accessibility of protected information

The vulnerability of the dbus package up to version 1.6.12 in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited locally...

1.9CVSS7AI score0.00383EPSS
Exploits0References3Affected Software1
Metasploit
Metasploit
added 2014/05/27 3:15 p.m.34 views

MyBB Database Fingerprint

This module checks if MyBB is running behind an URL. Also uses a malformed query to force an error and fingerprint the backend database used by MyBB on version 1.6.12 and prior. This module requires Metasploit: https://metasploit.com/download Current source:...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2014/02/26 12:0 a.m.23 views

MyBB sid SQLi Vulnerability

MyBB is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb"; ifdescription...

8.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2014/02/05 12:0 a.m.16 views

MyBB 1.6.12 XSS Vulnerability

MyBB is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb";...

4.3CVSS6AI score0.00993EPSS
Exploits3References3
Rows per page
Query Builder