Lucene search
K

1086 matches found

RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.5 views

CVE-2023-7325

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...

9.3CVSS7.1AI score0.0037EPSS
Exploits0References1
CVE
CVE
added 2025/10/30 9:17 p.m.15 views

CVE-2023-7325

CVE-2023-7325 affects Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10. The vulnerability is a server-side request forgery (SSRF) in the xmlrpc.sock handler that accepts crafted XML-RPC requests to reach internal unix socket RPC endpoints and execute privileg...

9.3CVSS6.8AI score0.0037EPSS
In wildExploits0References3
Cvelist
Cvelist
added 2025/10/30 9:17 p.m.11 views

CVE-2023-7325 Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...

9.3CVSS0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.9 views

PT-2025-44460

Name of the Vulnerable Software and Affected Versions Anheng Mingyu Operation and Maintenance Audit and Risk Control System versions prior to 2023-08-10 Description The software contains a server-side request forgery SSRF issue in the xmlrpc.sock handler. The system is susceptible to specially...

9.3CVSS6.9AI score0.0037EPSS
Exploits0References6
OSV
OSV
added 2025/10/28 2:41 p.m.9 views

SUSE-SU-2025:3839-1 Security update 5.1.1 for Multi-Linux Manager Server

This update fixes the following issues: Multi-Linux-Manager-Server-SLE-release: - Update for the release packages for fixing the EOL - Fixed migration issue bsc1243486 server-attestation-image was updated from version 5.1.7 to 5.1.10: - CVE-2025-53192: Do not use apache-commons-ognl but its...

8.8CVSS5.8AI score0.0052EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.3 views

Amazon Linux 2023 : xmlrpc-c, xmlrpc-c-apps, xmlrpc-c-c++ (ALAS2023-2025-1229)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1229 advisory. libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed...

7.5CVSS7.2AI score0.02006EPSS
Exploits3References12
Amazon
Amazon
added 2025/10/27 12:0 a.m.5 views

Important: xmlrpc-c

Issue Overview: libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. Considering the tradeoff between the stability of Amazon Linux and the impact of CVE-2023-52425...

7.5CVSS7.4AI score0.02006EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/10/25 6:17 a.m.9 views

CVE-2025-9978

The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...

6.8CVSS6.2AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2025/10/24 6:15 a.m.5 views

CVE-2025-9978

The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...

6.8CVSS0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/24 6:0 a.m.6 views

CVE-2025-9978 Jeg Elementor Kit < 2.7.0 - Author+ Stored XSS

The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...

5.8AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/07 6:9 a.m.16 views

CVE-2025-9703

The Ultimate Addons for Elementor Formerly Elementor Header & Footer Builder WordPress plugin before 2.5.0 does not sanitize SVG file contents when uploaded through the xmlrpc.php endpoint using base64 encode, leading to a Cross-Site Scripting vulnerability...

4.3CVSS6.2AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4116

Malware in sbrugna...

6.5CVSS6.4AI score0.02437EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-2957

Malware in sbrugna...

10CVSS6.4AI score0.04373EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-2075

Malware in sbrugna...

9.8CVSS9.3AI score0.04145EPSS
Exploits5References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-2073

Malware in sbrugna...

3.5CVSS9.4AI score0.03389EPSS
Exploits4References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2010-0005

Malware in sbrugna...

6.8CVSS6AI score0.02181EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-8004

Malware in sbrugna...

6.5CVSS6.6AI score0.0152EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-0428

Malware in sbrugna...

5CVSS6AI score0.11528EPSS
Exploits2References20
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-2114

Malware in sbrugna...

7.5CVSS6.4AI score0.01247EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3616

Malware in sbrugna...

5CVSS9.3AI score0.27018EPSS
Exploits1References35
Rows per page
Query Builder