Lucene search
K

267 matches found

FreeBSD Advisory
FreeBSD Advisory
added 2023/08/01 12:0 a.m.56 views

FreeBSD-SA-23:08.ssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:08.ssh Security Advisory The FreeBSD Project Topic: Potential remote code execution via ssh-agent forwarding Category: contrib Module: OpenSSH Announced:...

9.8CVSS7.7AI score0.76768EPSS
Exploits10
FreeBSD Advisory
FreeBSD Advisory
added 2023/02/16 12:0 a.m.35 views

FreeBSD-SA-23:02.openssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:02.openssh Security Advisory The FreeBSD Project Topic: OpenSSH pre-authentication double free Category: contrib Module: openssh Announced: 2023-02-16...

6.5CVSS7.4AI score0.89955EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/14 9:14 p.m.30 views

Security Bulletin: IBM CICS TX Standard is vulnerable to HTTP Header injection (CVE-2022-34306)

Summary IBM CICS TX Standard could allow a remote attacker to invoke cross-site scripting, cache poisoning or session hijacking attacks on a vulnerable system. The fix removes this vulnerability CVE-2022-34306 from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34306 DESCRIPTION: IBM...

5.5CVSS5.3AI score0.00693EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2022/12/13 6:9 a.m.16 views

Cross-site Scripting (XSS)

github.com/alist-org/alist is vulnerable to cross-site scripting. The vulnerability exists due to lack of sanitization in useradmin page which allows a remote attacker to inject and execute malicious javascript on the system...

5.4CVSS5.4AI score0.00465EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 3:15 a.m.20 views

Design/Logic Flaw

Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high...

6.5CVSS8.8AI score0.01003EPSS
Exploits1References1Affected Software1
Xen Project
Xen Project
added 2022/11/01 12:0 p.m.39 views

Xenstore: Guests can crash xenstored

ISSUE DESCRIPTION Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the...

8.8CVSS1.9AI score0.00272EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/20 12:0 a.m.4 views

CVE-2022-42201

Simple Exam Reviewer Management System v1.0 is vulnerable to Insecure file upload...

6.9AI score0.00973EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/14 12:0 a.m.10 views

CVE-2022-42070

Online Birth Certificate Management System version 1.0 is vulnerable to Cross Site Request Forgery CSRF...

8.8AI score0.00331EPSS
Exploits1References2
NVD
NVD
added 2022/09/14 11:15 a.m.16 views

CVE-2022-37138

Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to login as Administrator after injecting username form...

9.8CVSS0.00952EPSS
Exploits2References2
CNVD
CNVD
added 2022/07/22 12:0 a.m.28 views

IBM QRadar Network Security Trust Management Issue Vulnerability

IBM QRadar Network Security is a network security manager from IBM, USA. used to provide better visibility and control over activities and users on the network, while using deep packet inspection, heuristics and behavior-based analysis to detect and prevent advanced threats.IBM QRadar Network...

5CVSS2.8AI score0.00778EPSS
Exploits0Affected Software1
Prion
Prion
added 2022/06/29 1:15 a.m.16 views

Cross site scripting

SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting XSS via publichtml/registervisitor?msg=...

4.3CVSS6AI score0.00835EPSS
Exploits3References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/02 3:15 p.m.3 views

CVE-2022-32004

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/manageproduct.php?id=...

7.2CVSS7.2AI score0.00958EPSS
Exploits1References2
NVD
NVD
added 2022/06/02 2:15 p.m.12 views

CVE-2022-30832

Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/clientassign.php?booking=31&userid=...

7.2CVSS0.00945EPSS
Exploits1References1
Prion
Prion
added 2022/06/02 2:15 p.m.14 views

Sql injection

School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/dailycollectionreport.php:59...

7.5CVSS9.8AI score0.03697EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2022/05/24 1:49 p.m.15 views

CVE-2022-30461

Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=deleteclient, id...

10AI score0.01026EPSS
Exploits1References1
Prion
Prion
added 2022/05/13 3:15 p.m.12 views

Sql injection

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/viewapplication&id=...

6.5CVSS7.3AI score0.00929EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/05/12 4:15 p.m.16 views

Sql injection

Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=deletetransaction...

7.5CVSS9.8AI score0.01091EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/05/03 7:15 p.m.19 views

Cross site scripting

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the...

4.3CVSS6.7AI score0.01063EPSS
Exploits0References2Affected Software2
GithubExploit
GithubExploit
added 2022/03/23 11:8 a.m.441 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 One day for the polkit privilege escalation expl...

7.8CVSS7.9AI score0.94921EPSS
Exploits152
hivepro
hivepro
added 2022/02/09 1:44 p.m.37 views

Microsoft Patch Tuesday addresses a zero-day vulnerability in Windows Kernel

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Microsoft addressed 51 vulnerabilities in the February 2022 patch Tuesday release, one of which was classified as a zero-day vulnerability. A remote attacker could exploit some of these vulnerabilities to gain control of a...

6.9CVSS0.3AI score0.03193EPSS
Exploits0
Rows per page
Query Builder