Lucene search
K

26 matches found

RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: Linux kernel: Privilege escalation via out-of-bounds write in RDMA/siw

A flaw was identified in the Linux kernel RDMA siw implementation where an undefined opcode value could be used during immediate work request flushing while in an error state. The send queue element opcode was not correctly set, which could lead to an out-of-bounds access when mapping between the...

5.8AI score0.00206EPSS
Exploits0References5
OSV
OSV
added 2024/03/05 11:15 p.m.2 views

CVE-2023-48644

An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on...

6.1CVSS5.8AI score0.00312EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.3 views

ARCHIBUS Cross-Site Scripting Vulnerability

ARCHIBUS is a software platform from ARCHIBUS focused on helping organizations effectively manage their real estate, facilities and infrastructure to improve efficiency, reduce costs and support strategic planning. A cross-site scripting vulnerability exists in ARCHIBUS version 4.0.3 iOS, which...

6.1CVSS6.2AI score0.00312EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/05 12:0 a.m.13 views

CVE-2023-48644

An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on...

6AI score0.00312EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.10 views

PT-2024-13616 · Archibus · Archibus

Name of the Vulnerable Software and Affected Versions: Archibus app version 4.0.3 for iOS Description: An issue was discovered in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate...

6.1CVSS6.4AI score0.00312EPSS
Exploits0References6
CVE
CVE
added 2024/03/05 12:0 a.m.67 views

CVE-2023-48644

The CVE-2023-48644 entry affects Archibus app version 4.0.3 on iOS, with a cross-site scripting (XSS) vulnerability in the description field of the maintenance module’s Create Work Request feature. The underlying issue allows an attacker to perform actions on behalf of the user and exfiltrate dat...

6.1CVSS6AI score0.00312EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder