Lucene search
K

15 matches found

EUVD
EUVD
added 2026/03/09 9:30 a.m.5 views

EUVD-2025-208382

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References2
NVD
NVD
added 2025/09/30 6:15 p.m.7 views

CVE-2025-56513

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed,...

9.8CVSS0.00418EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/09/30 12:0 a.m.3 views

NiceHash QuickMiner 安全漏洞

NiceHash QuickMiner is a cryptocurrency miner software open source by NiceHash.com. A security vulnerability exists in NiceHash QuickMiner version 6.12.0 that originates from executing a software update over HTTP without verifying digital signatures or hash checking, which could lead to remote co...

9.8CVSS7.8AI score0.00418EPSS
Exploits2References2
OPENSUSE Linux
OPENSUSE Linux
added 2024/10/19 12:0 a.m.11 views

element-web-1.11.81-1.1 on GA media (moderate)

element-web-1.11.81-1.1 on GA media Announcement ID: openSUSE-SU-2024:14407-1 Rating: moderate Cross-References: CVE-2024-47771 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

7CVSS7.3AI score0.00567EPSS
Exploits0
OSV
OSV
added 2023/08/08 4:17 p.m.11 views

SUSE-SU-2023:3237-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.40.5 bsc1213905: - CVE-2023-38133: Fixed information disclosure. - CVE-2023-38572: Fixed Same-Origin-Policy bypass. - CVE-2023-38592: Fixed arbitrary code execution. - CVE-2023-38594: Fixed arbitrary code execution. -...

8.8CVSS8.1AI score0.23788EPSS
Exploits1References15
OSV
OSV
added 2022/11/28 9:39 a.m.4 views

SUSE-SU-2022:4244-1 Security update for ganglia-web

This update for ganglia-web fixes the following issues: - updated to 3.7.5 which fixes bsc1179835 - CVE-2019-20378: Fixed a possible XSS via ce and cs parameters in header.php bsc1160761...

6.1CVSS5.9AI score0.01014EPSS
Exploits1References4
OSV
OSV
added 2022/11/28 9:39 a.m.6 views

SUSE-SU-2022:4243-1 Security update for ganglia-web

This update for ganglia-web fixes the following issues: - updated to 3.7.5 which fixes bsc1179835 - CVE-2019-20378: Fixed a possible XSS via ce and cs parameters in header.php bsc1160761...

6.1CVSS5.9AI score0.01014EPSS
Exploits1References4
OSV
OSV
added 2019/10/21 12:0 a.m.19 views

DLA-1962-1 graphite-web - security update

Bulletin has no description...

7.5CVSS7.3AI score0.16948EPSS
Exploits1
Fedora
Fedora
added 2019/08/11 1:14 a.m.13 views

[SECURITY] Fedora 30 Update: icedtea-web-1.8-3.fc30

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

1.9AI score
Exploits0
Oracle linux
Oracle linux
added 2019/07/31 12:0 a.m.60 views

icedtea-web security update

1.7.2-16 - added patch1, patch4 and patch11 to fix CVE-2019-10182 - added patch2 to fix CVE-2019-10181 - added patch3 and patch33 to fix CVE-2019-10185 - Resolves: rhbz1724958 - Resolves: rhbz1725928 - Resolves: rhbz1724989...

8.6CVSS2AI score0.04022EPSS
Exploits0
OSV
OSV
added 2016/04/06 2:9 p.m.7 views

MGASA-2016-0130 Updated java packages fix CVE-2016-0636

Updated java-1.8.0-openjdk packages fix security vulnerability: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions CVE-2016-0636. Also, the icedtea-web package has been updated to...

9.3CVSS8.2AI score0.05765EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/06/27 12:0 a.m.39 views

JVN#26394323: POST-MAIL vulnerable to cross-site scripting

POST-MAIL provided by KENT-WEB contains an issue in the webpage output of strings entered in the form, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version accordin...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2012/08/13 9:8 a.m.24 views

update for icedtea-web (important)

This update of icedtea-web fixed multiple hewap buffer overflows...

7.5CVSS2AI score0.06172EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2012/07/31 12:0 a.m.42 views

icedtea-web security update

1.2.1-1 - Updated to 1.2.1 - Resolves: CVE-2012-3422 - Resolves: CVE-2012-3423...

7.5CVSS9AI score0.06172EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/07/18 12:0 a.m.18 views

Fedora Update for wordpress FEDORA-2011-8908

Check for the Version of wordpress OpenVAS Vulnerability Test Fedora Update for wordpress FEDORA-2011-8908 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

0.3AI score
Exploits0References2
Rows per page
Query Builder