Lucene search
K

97 matches found

CNNVD
CNNVD
added 2024/08/16 12:0 a.m.4 views

ZZCMS 安全漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A cross-site scripting vulnerability exists in ZZCMS v2023, which originates from the lack of effective filtering and escaping of user-supplied data in the content parameter of /user/askedit.php?action=add, which can be exploite...

5.4CVSS6.2AI score0.00228EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.5 views

PT-2024-37397 · National Instruments · Ni Flexlogger +1

Name of the Vulnerable Software and Affected Versions: NI SystemLink Server versions 2024 Q1 and prior NI FlexLogger versions 2023 Q2 and prior Description: The issue is related to an out-of-date version of Redis shipped with the affected software, which is susceptible to multiple vulnerabilities...

7.8CVSS7.2AI score0.00275EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/07/22 12:0 a.m.4 views

Act-On 安全漏洞

Act-On is an email marketing automation platform for businesses from Act-On, Inc. in the United States. A security vulnerability exists in Act-On version 2023. A remote attacker can exploit the vulnerability to execute arbitrary code via the newUser parameter in the login.jsp component...

6.1CVSS7.8AI score0.00418EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:15 p.m.2 views

Malicious code in updated-tricks-v-bucks-generator-free_2023-hhg65 (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:14 p.m.2 views

Malicious code in updated-tricks-v-bucks-generator-free_2023-h4543 (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:13 p.m.2 views

Malicious code in updated-tricks-v-bucks-generator-free_2023-dfrt5 (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:12 p.m.4 views

Malicious code in updated-tricks-v-bucks-generator-free_2023-7szc38qtb (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:12 p.m.1 views

Malicious code in updated-tricks-v-bucks-generator-free_2023-6dp2u (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:12 p.m.2 views

Malicious code in updated-tricks-v-bucks-generator-free_2023-0m1j (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.5 views

PT-2024-37353 · Ingenico · Ingenico Estate Manager

Name of the Vulnerable Software and Affected Versions: Ingenico Estate Manager version 2023 Description: A problematic issue has been found in the News Feed component, affecting the processing of the file /emgui/rest/ums/messages. The manipulation of the message argument leads to cross-site...

5.1CVSS3.9AI score0.00413EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/06/13 11:27 a.m.18 views

CVE-2024-34113 ColdFusion | Weak Cryptography for Passwords (CWE-261)

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords vulnerability that could result in a security feature bypass. This vulnerability arises due to the use of insufficiently strong cryptographic algorithms or flawed implementation that compromises the...

5.5CVSS5.8AI score0.00335EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/06/13 12:0 a.m.17 views

Adobe Photoshop Arbitrary Code Execution Vulnerability (APSB24-27) - Mac OS X

Adobe Photoshop is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.9AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/11 2:16 p.m.23 views

CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups

Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to...

5.5CVSS0.00435EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/06 7:15 p.m.20 views

CVE-2024-23793

The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...

6.3CVSS6.1AI score0.00775EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Database
added 2024/05/29 12:0 a.m.11 views

Aimeos denial of service vulnerability in SaaS and marketplace setups

All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack...

5.5CVSS7.1AI score0.00435EPSS
Exploits0References10Affected Software1
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.6 views

SOLIDWORKS eDrawings 安全漏洞

SOLIDWORKS eDrawings is a SOLIDWORKS application for viewing and sharing CAD models by SolidWorks, Inc. A security vulnerability exists in SOLIDWORKS eDrawings versions 2023 to 2024, which stems from an out-of-bounds write, use of uninitialized resources, and reuse-after-release vulnerabilities...

7.8CVSS6.6AI score0.00355EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.3 views

Intel(R) oneAPI DPC++/C++ Compiler Security Vulnerability

IntelR oneAPI DPC++/C++ Compiler is a compiler from Intel Corporation USA. A security vulnerability previously existed in Intel oneAPI DPC++/C++ Compiler software version 2023.2.1, which stems from improper access control in the affected product. It could result in an authenticated user potential...

7.8CVSS6.6AI score0.00161EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 4:15 p.m.14 views

CVE-2024-23824

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

4.7CVSS4.7AI score0.00597EPSS
Exploits1References3
Prion
Prion
added 2024/02/02 4:15 p.m.16 views

Code injection

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

3.3CVSS7AI score0.00597EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/02 3:18 p.m.18 views

CVE-2024-23824 mailcow ipixel flood attack leads to Denial of Service in admin page

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

4.7CVSS5AI score0.00597EPSS
Exploits1References3
Rows per page
Query Builder