Lucene search
K

120 matches found

Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.4 views

PT-2025-18332 · Hcl · Hcl Domino Volt

Name of the Vulnerable Software and Affected Versions: HCL Domino Volt affected versions not specified Description: The issue is related to improper sanitization of SVG files, which allows client-side script injection in deployed applications. This can potentially lead to malicious script executi...

4.6CVSS6.4AI score0.00182EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.6 views

PT-2025-18331 · Hcl · Hcl Domino Volt

Name of the Vulnerable Software and Affected Versions: HCL Domino Volt affected versions not specified Description: The issue concerns an unsafe default file type filter policy that allows the upload of .html files, leading to the execution of unsafe JavaScript in deployed applications. This coul...

4.6CVSS6.2AI score0.00218EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.5 views

HCL Domino Volt 安全漏洞

HCL Domino Volt is a low-code application development solution based on the Domino platform from HCL India. A security vulnerability exists in HCL Domino Volt, which stems from an insecure default file type filtering policy that could lead to the execution of malicious JavaScript...

5.4CVSS6.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.3 views

HCL Domino Volt和HCL Domino Leap 安全漏洞

HCL Domino Volt and HCL Domino Leap are both products of HCL India.HCL Domino Volt is a low-code application development solution based on the Domino platform.HCL Domino Leap is a cloud-based collaboration platform that modernizes traditional Domino applications. A security vulnerability exists i...

6.5CVSS6.7AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.5 views

PT-2025-18330 · Hcl · Hcl Domino Volt

Name of the Vulnerable Software and Affected Versions: HCL Domino Volt affected versions not specified Description: The issue concerns an unsafe default file type filter policy that allows the upload of .html files and the execution of unsafe JavaScript in deployed applications. This could...

4.6CVSS6.4AI score0.00218EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.5 views

HCL Domino Volt 安全漏洞

HCL Domino Volt is a low-code application development solution based on the Domino platform from HCL India. A security vulnerability exists in HCL Domino Volt, which stems from an insecure default file type filtering policy that could lead to the execution of malicious JavaScript...

5.4CVSS6.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.5 views

HCL Domino Volt 安全漏洞

HCL Domino Volt is a low-code application development solution based on the Domino platform from HCL India. A security vulnerability exists in HCL Domino Volt, which stems from improper cleaning of SVG files and could lead to client-side script injection...

5.4CVSS6.7AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.7 views

HCL Domino Volt和HCL Domino Leap 安全漏洞

HCL Domino Volt and HCL Domino Leap are both products of HCL India.HCL Domino Volt is a low-code application development solution based on the Domino platform.HCL Domino Leap is a cloud-based collaboration platform that modernizes traditional Domino applications. HCL Domino Volt and HCL Domino Le...

7.1CVSS6.7AI score0.00194EPSS
Exploits0References1
HackRead
HackRead
added 2025/03/12 11:57 p.m.4 views

Chinese Volt Typhoon Hackers Infiltrated US Electric Utility for Nearly a Year

Dragos reveals Volt Typhoon hackers infiltrated a US electric utility for 300 days, collecting sensitive data. Learn how this cyberattack threatens infrastructure...

7.2AI score
Exploits0
Veracode
Veracode
added 2025/03/10 3:38 p.m.9 views

Remote Code Execution (RCE)

livewire/volt is vulnerable to Remote Code Execution RCE.The vulnerability is due to improper handling of user-crafted request payloads due to inadequate input validation, allowing attackers to execute arbitrary code within Volt components...

9.3CVSS8.6AI score0.00567EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/07 7:36 p.m.20 views

CVE-2025-27517

Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0...

9.3CVSS8AI score0.00567EPSS
Exploits0References1
NVD
NVD
added 2025/03/05 8:16 p.m.13 views

CVE-2025-27517

Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0...

9.3CVSS0.00567EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/05 7:47 p.m.1 views

Improper Input Validation

Overview livewire/livewire is an A front-end framework for Laravel. Affected versions of this package are vulnerable to Improper Input Validation. An attacker can execute arbitrary code within Volt components by sending specially crafted payloads. Remediation Upgrade livewire/livewire to version...

9.8CVSS7.8AI score0.00567EPSS
Exploits0References2
OSV
OSV
added 2025/03/05 7:47 p.m.6 views

GHSA-V69F-5JXM-HWVV Volt Allows RCE Via User-Crafted Requests

Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components...

9.3CVSS8.1AI score0.00567EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/03/05 7:47 p.m.17 views

Volt Allows RCE Via User-Crafted Requests

Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components...

9.3CVSS8.1AI score0.00567EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/05 7:11 p.m.6 views

CVE-2025-27517 Volt Allows RCE Via User-Crafted Requests

Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0...

9.3CVSS8AI score0.00567EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 7:11 p.m.23 views

CVE-2025-27517 Volt Allows RCE Via User-Crafted Requests

Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0...

9.3CVSS0.00567EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 7:11 p.m.970 views

CVE-2025-27517

Volt (Livewire) contains a remote code execution vulnerability in Volt components triggered by malicious, user-crafted payloads. Affected versions are prior to 1.7.0; the issue is fixed in 1.7.0. The CVE entry documents the vulnerability as critical with network attack vector and no user interact...

9.3CVSS8AI score0.00567EPSS
Exploits0References1
OSV
OSV
added 2025/03/05 7:11 p.m.3 views

CVE-2025-27517 Volt Allows RCE Via User-Crafted Requests

Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0...

9.3CVSS8.1AI score0.00567EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.5 views

volt 输入验证错误漏洞

volt is an open source functional API built for Livewire. An input validation error vulnerability exists in Volt versions prior to 1.7.0, which stems from a remote code execution vulnerability...

9.3CVSS7.6AI score0.00567EPSS
Exploits0References2
Rows per page
Query Builder