Lucene search

105 matches found

OSV
added 2025/11/05 4:13 p.m. | 1 view

CGA-HRHV-XXXX-HQFH

Bulletin has no description...

CVSS 4.3 | AI score 7 | EPSS 0.00419
Exploits: 0

OSV
added 2024/10/09 9:9 a.m. | 21 views

SUSE-SU-2024:3564-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610). - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show()...

CVSS 7.8 | AI score 8.2 | EPSS 0.00992
Exploits: 3 | References: 373

Packet Storm
added 2024/09/01 12:0 a.m. | 224 views

Dolibarr 16 Pre-auth Contact Database Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr 16 pre-auth contact database dump', 'Description' = %q Dolibarr version 16 'Vladimir TOUTAIN', 'Nolan LOSSIGNOL-DRILLIEN' , 'License' =...

AI score 7.4
Exploits: 0

Openbugbounty
added 2023/11/11 3:7 a.m. | 7 views

qrad.de Improper Access Control vulnerability OBB-3777093

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.9
Exploits: 0

Openbugbounty
added 2023/09/12 4:50 a.m. | 10 views

riffx.fr Cross Site Scripting vulnerability OBB-3673045

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits: 0

Openbugbounty
added 2023/06/14 9:22 a.m. | 16 views

penzionpltnik.sk Cross Site Scripting vulnerability OBB-3428299

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits: 0

Prion
added 2023/04/27 8:15 p.m. | 18 views

Design/Logic Flaw

Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...

CVSS 3.2 | AI score 6.7 | EPSS 0.00425
Exploits: 0 | References: 2 | Affected Software: 1

Packet Storm
added 2023/03/27 12:0 a.m. | 152 views

Explorer32++ 1.3.5.531 Buffer Overflow

Exploit Title: Explorer32++ 1.3.5.531 - Buffer overflow Discovery by: Rafael Pedrero Discovery Date: 2022-01-09 Vendor Homepage: http://www.explorerplusplus.com/ Software Link : http://www.explorerplusplus.com/ Tested Version: 1.3.5.531 Tested on: Windows 10 CVSS v3: 7.3 CVSS vector:...

AI score 6.8
Exploits: 0

OSV
added 2023/01/25 7:35 p.m. | 33 views

GHSA-7M72-MH5R-6J3R Privilege escalation in project role template binding (PRTB) and -promoted roles

Impact An issue was discovered in Rancher versions from 2.5.0 up to and including 2.5.16 and from 2.6.0 up to and including 2.6.9, where an authorization logic flaw allows privilege escalation via project role template binding PRTB and -promoted roles. This issue is not present in Rancher 2.7...

CVSS 7.2 | AI score 7.7 | EPSS 0.00677
Exploits: 1 | References: 4

Rapid7 Blog
added 2022/08/04 2:43 p.m. | 253 views

QNAP Poisoned XML Command Injection (Silently Patched)

Background CVE-2020-2509 was added to CISA’s Known Exploited Vulnerabilities Catalog in April 2022, and it was listed as one of the “Additional Routinely Exploited Vulnerabilities in 2021” in CISA’s 2021 Top Routinely Exploited Vulnerabilities alert. However, CVE-2020-2509 has no public exploit,...

CVSS 7.5 | EPSS 0.34168
Exploits: 3

OSV
added 2022/05/17 2:34 a.m. | 37 views

GHSA-P3RW-88PP-W4JH ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230,...

CVSS 7.5 | AI score 7.5 | EPSS 0.31582
Exploits: 1 | References: 7

Packet Storm
added 2021/05/20 12:0 a.m. | 141 views

Spotweb-Develop 1.4.9 Cross Site Scripting

Exploit Title: Cross Site Scripting DOM Based spotweb-develop 1.4.9 Author: @nu11secur1ty Testing and Debugging: nu11secur1ty $ OWASP-ZAP Date: 05.20.2021 Vendor: https://www.nzbserver.com/ Link: https://github.com/spotweb/spotweb CVE: 2021-XXXX Proof: https://streamable.com/hix5o1 + Exploit...

AI score 7.4
Exploits: 0

Talos
added 2021/01/04 12:0 a.m. | 37 views

Win-911 mobile server platform privilege escalation vulnerability

Summary An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other...

CVSS 9.3 | AI score 9.2 | EPSS 0.00608
Exploits: 1

Openbugbounty
added 2020/10/16 10:45 a.m. | 9 views

extreza.ru Cross Site Scripting vulnerability OBB-1414299

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score 6.2
Exploits: 0

Packet Storm
added 2020/08/15 12:0 a.m. | 198 views

Wordpress Easy Media Download 1.1.4 Cross Site Scripting

Exploit Title: Wordpress Easy Media Download v1.1.4 - Persistent Cross-Site Scripting Date: 2020-08-14 Vendor Homepage: https://noorsplugin.com/ Vendor Changelog: https://wordpress.org/plugins/easy-media-download/developers Exploit Author: Melbin K Mathew @melbinkm Author Advisory:...

AI score 7
Exploits: 0

Prion
added 2020/06/17 11:15 a.m. | 7 views

Out-of-bounds

The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read...

CVSS 5 | AI score 7.1 | EPSS 0.10934
Exploits: 1 | References: 9 | Affected Software: 1

Openbugbounty
added 2020/05/30 1:4 p.m. | 9 views

ihonest.ly Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1178467 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...

AI score 0.8
Exploits: 0

Openbugbounty
added 2020/05/01 6:16 a.m. | 12 views

voices.iit.edu Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1153906 Security Researcher r4v550n Helped patch 2 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting voices.iit.edu website and its users. Following coordinated and responsible vulnerability disclosure guidelines of the ISO...

Exploits: 0

Prion
added 2020/04/15 3:15 p.m. | 14 views

Information disclosure

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0945, CVE-2020-0946...

CVSS 4.3 | AI score 5.2 | EPSS 0.0845
Exploits: 0 | References: 1 | Affected Software: 2

Tenable Nessus
added 2020/03/20 12:0 a.m. | 39 views

Fedora 31 : chromium (2020-f6271d7afa)

Update to 80.0.3987.132. Lots of security fixes here. VAAPI re-enabled by default except on NVIDIA. List of CVEs fixed since last update : - CVE-2019-20446 - CVE-2020-6381 - CVE-2020-6382 - CVE-2020-6383 - CVE-2020-6384 - CVE-2020-6385 - CVE-2020-6386 - CVE-2020-6387 - CVE-2020-6388 - CVE-2020-63...

CVSS 8.8 | AI score 7.5 | EPSS 0.78808
Exploits: 28 | References: 42