Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24034

Malware in sbrugna...

6.5CVSS6.5AI score0.01244EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-24035

Malware in sbrugna...

5.4CVSS5.5AI score0.00585EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 8:5 p.m.8 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.4CVSS6AI score0.00585EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:5 p.m.5 views

CVE-2021-37469

In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem...

6.5CVSS6.6AI score0.01244EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/26 12:0 a.m.19 views

NCH WebDictate Directory Traversal Vulnerability

A security vulnerability exists in NCH WebDictate, a web-based dictation recording, editing and management software, which stems from the product's logprop?file=/... path fails to filter incoming special characters, which can be exploited to read critical files...

6.5CVSS3AI score0.01244EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/26 12:0 a.m.13 views

NCH WebDictate Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in NCH WebDictate, a web-based dictation recording, editing, and management software, which stems from a failure of the product's Recipient Name field to properly validate user data, which could be exploited to add or modify affected fields...

5.4CVSS1.7AI score0.00585EPSS
Exploits1References1
OSV
OSV
added 2021/07/25 9:15 p.m.1 views

CVE-2021-37469

In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem...

6.5CVSS5.8AI score0.01244EPSS
Exploits1References2
NVD
NVD
added 2021/07/25 9:15 p.m.14 views

CVE-2021-37469

In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem...

6.5CVSS0.01244EPSS
Exploits1References2
OSV
OSV
added 2021/07/25 9:15 p.m.4 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.4CVSS6.2AI score0.00585EPSS
Exploits1References2
Prion
Prion
added 2021/07/25 9:15 p.m.15 views

Path traversal

In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem...

4CVSS6.3AI score0.01244EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/07/25 9:15 p.m.12 views

Cross site scripting

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

3.5CVSS5.2AI score0.00585EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/07/25 8:8 p.m.69 views

CVE-2021-37469

CVE-2021-37469 describes a directory traversal in NCH WebDictate v2.13 and earlier. The root cause is a flawed logprop?file=/… path handling that allows authenticated users to traverse the filesystem and read files. The vulnerability affects the WebDictate component handling file paths and is sup...

6.5CVSS6.2AI score0.01244EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/07/25 8:8 p.m.12 views

CVE-2021-37469

In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem...

6.5AI score0.01244EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/07/25 8:8 p.m.17 views

CVE-2021-37470

In NCH WebDictate v2.13, persistent Cross Site Scripting XSS exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript...

5.5AI score0.00585EPSS
Exploits1References2
CVE
CVE
added 2021/07/25 8:8 p.m.65 views

CVE-2021-37470

CVE-2021-37470 : In NCH WebDictate v2.13, a persistent Cross-Site Scripting (XSS) flaw exists in the Recipient Name field. An authenticated user can modify this field to inject arbitrary JavaScript, enabling script execution associated with the user’s session. Documented references confirm the vu...

5.4CVSS5.2AI score0.00585EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/07/25 12:0 a.m.4 views

NCH WebDictate 路径遍历漏洞

A security vulnerability exists in NCH WebDictate, a web-based dictation recording, editing and management software, which stems from the product's logprop?file=/... path fails to filter incoming special characters, which can be exploited to read critical files...

6.5CVSS5.6AI score0.01244EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/07/25 12:0 a.m.5 views

NCH WebDictate 跨站脚本漏洞

A cross-site scripting vulnerability exists in NCH WebDictate, a web-based dictation recording, editing, and management software, which stems from a failure of the product's Recipient Name field to properly validate user data, which could be exploited to add or modify affected fields...

5.4CVSS5.2AI score0.00585EPSS
Exploits1References3
Rows per page
Query Builder