Lucene search
K

14 matches found

CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Suprema BioStar 安全漏洞

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...

10CVSS5.8AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.11 views

Juju 安全漏洞

Juju is a canonical Juju open-source application orchestration engine. Vulnerabilities existed in versions of Juju between 2.9 and 2.9.56, as well as in versions between 3.6 and 3.6.19. These vulnerabilities stemmed from the ability for any authenticated user, machine, or controller to modify the...

7.1CVSS5.8AI score0.00232EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/06 6:7 p.m.3 views

EUVD-2026-5624

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Time-Based Blind SQL Injection vulnerability in the global search functionality. The application fails to properly sanitize the term parameter before...

8.7CVSS5.9AI score0.00366EPSS
Exploits3References1
AstraLinux
AstraLinux
added 2025/10/31 4:38 p.m.7 views

Astra Linux - уязвимость в haproxy

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

7.5CVSS6.9AI score0.01203EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/19 1:39 p.m.7 views

WordPress RSS Feed Widget plugin <= 2.9.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin RSS Feed Widget versions = 2.9.7...

5.9CVSS6.1AI score0.00338EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.4 views

SUSE CVE-2020-1738

A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branch...

5CVSS8.8AI score0.00381EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.4 views

SUSE CVE-2020-10684

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker could take advantag...

7.1CVSS9.1AI score0.00345EPSS
Exploits0References6
OSV
OSV
added 2020/04/30 5:15 p.m.4 views

UBUNTU-CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

5.2CVSS7.1AI score0.00358EPSS
Exploits0References3
OSV
OSV
added 2020/03/16 4:15 p.m.2 views

DEBIAN-CVE-2020-1738

A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branch...

3.9CVSS6.6AI score0.00381EPSS
Exploits0References1
OSV
OSV
added 2020/03/16 4:15 p.m.1 views

UBUNTU-CVE-2020-1740

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...

4.7CVSS6.6AI score0.00374EPSS
Exploits0References3
OSV
OSV
added 2020/03/16 4:15 p.m.5 views

PYSEC-2020-7

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

4.6CVSS6.7AI score0.00487EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2020/03/16 12:0 a.m.10 views

PT-2020-6580

Name of the Vulnerable Software and Affected Versions Ansible Engine versions 2.7.x through 2.9.x Description A flaw was found in the Ansible Engine when the fetch module is used, allowing an attacker to intercept the module, inject a new path, and choose a new destination path on the controller...

4.6CVSS7.1AI score0.00487EPSS
Exploits1References200
Positive Technologies
Positive Technologies
added 2020/03/12 12:0 a.m.7 views

PT-2020-6581

Name of the Vulnerable Software and Affected Versions Ansible versions 2.7.16 and prior Ansible versions 2.8.8 and prior Ansible versions 2.9.5 and prior Description A flaw was found in Ansible when a password is set with the argument password of the svn module, it is used on the svn command line...

3.9CVSS6.2AI score0.00358EPSS
Exploits0References215
OSV
OSV
added 2018/01/18 2:29 a.m.3 views

CVE-2018-2673

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: POS. Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.9CVSS7.3AI score0.01251EPSS
Exploits0References2
Rows per page
Query Builder