19 matches found

Cvelist
added 2026/04/28 9:19 a.m. · 35 views

CVE-2026-41603 Apache Thrift: Java TSSLTransportFactory hostname verification

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

EPSS 0.00593
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2017-12245

Malware in sbrugna...

CVSS 6.1 · AI score 6.4 · EPSS 0.0279
Exploits: 0 · References: 4

IBM Security Bulletins
added 2025/08/26 5:59 p.m. · 6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in golang.org/x/net-v0.33.0

Summary: IBM Watson Discovery Cartridge contains a vulnerable version of golang.org/x/net-v0.33.0. Vulnerability Details: CVEID: CVE-2025-22870. DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment...

CVSS 4.4 · AI score 6.8 · EPSS 0.00384
Exploits: 2 · Affected Software: 1

Positive Technologies
added 2025/08/26 12:0 a.m. · 5 views

PT-2025-34791 · Ibm · Ibm Cognos Command Center

Name of the Vulnerable Software and Affected Versions: IBM Cognos Command Center versions 10.2.4.1 through 10.2.5 Description: IBM Cognos Command Center versions 10.2.4.1 and 10.2.5 may allow a local user to execute arbitrary code on the system due to the unsafe use of the BinaryFormatter functio...

CVSS 7.8 · AI score 7.8 · EPSS 0.00148
Exploits: 0 · References: 4

NVD
added 2025/08/20 8:15 a.m. · 8 views

CVE-2025-54052

Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin (real-estate-listing-realtyna-wpl) allows PHP Local File Inclusion. This issue affects Realtyna Organic IDX plugin: from n/a through <= 5.0.0...

CVSS 7.5 · EPSS 0.00159
Exploits: 0 · References: 1

Tenable Nessus
added 2025/08/20 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-14651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily...

CVSS 5.5 · AI score 5.7 · EPSS 0.02023
Exploits: 0 · References: 2

Positive Technologies
added 2025/08/19 12:0 a.m. · 6 views

PT-2025-33884 · Unknown · Neurobin Shc

Name of the Vulnerable Software and Affected Versions: neurobin shc versions prior to 4.0.4 Description: A vulnerability exists in neurobin shc up to version 4.0.3. This issue affects the make function within the src/shc.c file of the Filename Handler component. Manipulation of this function can...

CVSS 5.3 · AI score 5.6 · EPSS 0.0134
Exploits: 0 · References: 9

Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-2512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all version...

CVSS 6.5 · AI score 6.3 · EPSS 0.00744
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/09 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-14836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily...

CVSS 6.8 · AI score 6.2 · EPSS 0.0202
Exploits: 0 · References: 2

Positive Technologies
added 2025/07/16 12:0 a.m. · 3 views

PT-2025-29731 · Yaysmtp · Yaysmtp

Name of the Vulnerable Software and Affected Versions: YaySMTP versions n/a through 1.5 Description: YaySMTP contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command. Recommendations: Versions prior to 1.6 are affected...

CVSS 7.6 · AI score 7.1 · EPSS 0.00355
Exploits: 0 · References: 5

NVD
added 2025/05/30 11:15 a.m. · 14 views

CVE-2025-1763

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 8.7 · EPSS 0.00522
Exploits: 1 · References: 2

Debian CVE
added 2025/02/13 8:31 a.m. · 7 views

CVE-2024-3303

Removed by vendor...

CVSS 6.4 · AI score 5.8 · EPSS 0.00369
Exploits: 1

NVD
added 2025/02/11 11:15 a.m. · 6 views

CVE-2024-53648

A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions V9.90, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions V9.90, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions V9.90, SIPROTEC 5 6MD89 CP300 All versions V9.90, SIPROTEC 5...

CVSS 7 · EPSS 0.00288
Exploits: 0 · References: 1

Cvelist
added 2025/02/07 5:6 p.m. · 12 views

CVE-2022-26388 Use of Hard-Coded Password Vulnerability in ELI Electrocardiograph Devices

A use of hard-coded password vulnerability may allow authentication abuse. This issue affects ELI 380 Resting Electrocardiograph: Versions 2.6.0 and prior; ELI 280/BUR280/MLBUR 280 Resting Electrocardiograph: Versions 2.3.1 and prior; ELI 250c/BUR 250c Resting Electrocardiograph: Versions 2.1.2 an...

CVSS 6.4 · EPSS 0.00259
Exploits: 0 · References: 2

NVD
added 2025/01/24 6:15 p.m. · 8 views

CVE-2025-24698

Cross-Site Request Forgery (CSRF) vulnerability in g5theme Essential Real Estate (essential-real-estate) allows Cross Site Request Forgery. This issue affects Essential Real Estate: from n/a through <= 5.1.8...

CVSS 4.3 · EPSS 0.00208
Exploits: 0 · References: 1

Positive Technologies
added 2022/08/02 12:0 a.m. · 6 views

PT-2022-8886 · Unknown · Monorepo-Build

Name of the Vulnerable Software and Affected Versions: monorepo-build affected versions not specified Description: A command injection issue affects the package. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents whe...

CVSS 9.8 · AI score 9.7 · EPSS 0.0109
Exploits: 1 · References: 4

NVD
added 2020/09/21 1:15 a.m. · 17 views

CVE-2020-14177

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. The affected versions are before version 7.13.16; from version 7.14.0 before 8.5.7; from versi...

CVSS 6.5 · EPSS 0.02233
Exploits: 0 · References: 1

UbuntuCve
added 2017/09/28 1:29 a.m. · 18 views

CVE-2017-14849

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules...

CVSS 7.5 · AI score 7.2 · EPSS 0.53416
Exploits: 2 · References: 3

OSV
added 2016/12/11 2:59 a.m. · 9 views

CVE-2016-6625

An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to...

CVSS 4.3 · AI score 5.4
Exploits: 0 · References: 3