Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.7 views

CVE-2026-41132

CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured SMTP server may be spoofed with any certificate e.g. self-signed, leaving credentials and all emails sent open to MITM attacks. This vulnerability is fixed in...

8.7CVSS5.8AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.14 views

CKAN 安全漏洞

CKAN is an open-source data management system developed by CKAN itself. It is used to power data centers and data portals. Versions of CKAN prior to 2.10.10 and 2.11.5 contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability in datastoresearchsql, which allowed...

9.1CVSS5.8AI score0.00367EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.13 views

PT-2026-36110

Name of the Vulnerable Software and Affected Versions CKAN versions prior to 2.10.10 CKAN versions prior to 2.11.5 Description A SQL injection flaw exists in the datastore search sql function. This allows attackers to inject SQL commands to gain unauthorized access to private resources and...

8.3CVSS5.8AI score0.01815EPSS
Exploits0References10
CBLMariner
CBLMariner
added 2026/01/20 9:41 p.m.8 views

CVE-2025-7425 affecting package libxml2 for versions less than 2.11.5-8

CVE-2025-7425 affecting package libxml2 for versions less than 2.11.5-8. A patched version of the package is available...

7.8CVSS6.1AI score0.00339EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-8216

Malicious code in bioql PyPI...

7.6CVSS6.3AI score0.00306EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-30164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13...

6.1CVSS5.8AI score0.00249EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/03/27 12:14 a.m.6 views

SUSE CVE-2025-27404

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...

7.6CVSS6.8AI score0.00561EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/26 4:10 p.m.40 views

CVE-2025-27609 Icinga Web 2 Vulnerable to Reflected XSS

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on...

4.8CVSS0.00228EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.6 views

Icinga Web 2 跨站脚本漏洞

Icinga Web 2 is an open source monitoring and metrics solution from Icinga Open Source. A cross-site scripting vulnerability exists in Icinga Web 2 versions prior to 2.11.5 and prior to 2.12.13, which stems from embeddable arbitrary Javascript that could lead to user identity impersonation...

7.6CVSS5.8AI score0.00561EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/06 12:0 a.m.4 views

libxml2 Resource Management Error Vulnerability

libxml2 is an open source library used to parse XML documents . It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 version 2.11.5 and earlier, which stems from a post-release reuse vulnerability...

6.5CVSS6.8AI score0.00826EPSS
Exploits0References7
seebug.org
seebug.org
added 2008/03/06 12:0 a.m.23 views

phpMyAdmin $_REQUEST参数SQL注入漏洞

BUGTRAQ ID: 28068 phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。 phpMyAdmin使用$REQUEST而不是$GET和$POST变量作为其参数来源,并且在SQL查询中未经过滤便使用了参数,如果用户受骗访问了恶意网站的话,就可能导致SQL注入攻击。 phpMyAdmin phpMyAdmin 2.11.5 厂商补丁: phpMyAdmin ---------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
Rows per page
Query Builder