Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/02 6:37 a.m.7 views

CVE-2026-20711

Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.9CVSS6.5AI score0.00225EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.11 views

Cybozu Garoon 安全漏洞

Cybozu Garoon is a portal-based OA office system developed by Cybozu Corporation. This system provides functions such as portals, email, bookmarks, calendar management, bulletin boards, and file management. Versions of Cybozu Garoon from 5.0.0 to 6.0.3 have security vulnerabilities. These...

7.5CVSS6AI score0.00404EPSS
Exploits0References3
CVE
CVE
added 2026/01/13 6:32 p.m.17 views

CVE-2025-68271

OpenC3 COSMOS (versions 5.0.0–6.10.1) has a critical remote code execution vulnerability exploitable via the JSON-RPC API. The flaw occurs when parsing attacker-controlled parameter text with String#convert_to_value; for array-like inputs, convert_to_value may execute eval(), allowing an unauthen...

10CVSS8.1AI score0.00536EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/11 12:0 a.m.12 views

PT-2024-24050 · Cybozu · Cybozu Garoon

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 5.0.0 through 6.0.0 Description: The issue allows a remote authenticated attacker to alter and/or obtain the data of Memo due to an incorrect authorization vulnerability. Recommendations: For Cybozu Garoon versions 5.0....

5.4CVSS6.3AI score0.00288EPSS
Exploits0References5
OSV
OSV
added 2023/05/22 3:15 a.m.11 views

UBUNTU-CVE-2023-33285

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server...

5.3CVSS7.2AI score0.00805EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/12/10 8:24 p.m.6 views

com.buession.cas:buession-cas-captcha (>=2.0.0 <=2.2.1), com.buession.cas:buession-cas-oauth (>=2.3.0 <=2.3.2) +240 more potentially affected by CVE-2021-42567 via org.apereo.cas:cas-server-core-web (>=5.0.0 <=6.4.1)

org.apereo.cas:cas-server-core-web MAVEN version =5.0.0, =2.0.0, =2.3.0, =1.1.0, =1.1.0, =2.3.0, =1.2.0, =1.1.0, =1.1.0, =5.0.0, =5.0.0, =6.3.1, =6.1.7, =6.3.1, =6.3.1, =6.3.10 and more Source cves: CVE-2021-42567 Source advisory: OSV:GHSA-GFHX-JJWQ-63GV...

6.1CVSS6.3AI score0.08064EPSS
Exploits0
CNVD
CNVD
added 2019/03/15 12:0 a.m.5 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-07327)

IBM Rational Quality Manager is the collaborative center for business-driven software and system quality across virtually any platform and any type of test. The software helps teams seamlessly share information, use automation to accelerate projects, and report metrics for targeted release...

5.4CVSS6.2AI score0.00968EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/15 12:0 a.m.4 views

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-07326)

IBM Rational Quality Manager is the collaborative center for business-driven software and system quality across virtually any platform and any type of test. The software helps teams seamlessly share information, use automation to accelerate projects, and report metrics for targeted release...

5.4CVSS6.2AI score0.00968EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/15 12:0 a.m.3 views

IBM Rational Engineering Lifecycle Manager Information Disclosure Vulnerability (CNVD-2019-07358)

IBM Rational Engineering Lifecycle Manager is a product lifecycle management application that helps you visualize, analyze, and gain insight into engineering lifecycle data. An information disclosure vulnerability exists in IBM Rational Engineering Lifecycle Manager 5.0 - 6.0.6. A malicious user...

4.3CVSS6.2AI score0.01316EPSS
Exploits0References1
OSV
OSV
added 2019/03/14 10:29 p.m.4 views

CVE-2018-1952

IBM Jazz Foundation IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4CVSS5.4AI score0.00968EPSS
Exploits0References3
OSV
OSV
added 2019/03/14 10:29 p.m.3 views

CVE-2018-1658

IBM Jazz Foundation IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6 is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrar...

5.4CVSS5.8AI score0.00998EPSS
Exploits0References3
OSV
OSV
added 2018/07/10 3:29 p.m.4 views

CVE-2018-1407

IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

5.4CVSS5.4AI score0.0066EPSS
Exploits0References2
Rows per page
Query Builder