Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL...
6.5AI Score
0.033EPSS
Microsoft Exchange Server SSRF Vulnerability
This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or.....
9.1CVSS
8.3AI Score
0.975EPSS
Fortinet FortiWeb - OS command injection in Web GUI (FG-IR-22-163)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-163 advisory. An improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-78] in FortiWeb 7.0.0...
8.8CVSS
8.1AI Score
0.001EPSS
[SECURITY] Fedora 39 Update: cyrus-imapd-3.8.3-1.fc39
The Cyrus IMAP (Internet Message Access Protocol) server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contacts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP server is a scalable enterprise groupware system designed for use...
6.5CVSS
6.5AI Score
0.0005EPSS
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself sock_map proto callbacks should never call themselves by design. Protect against bugs like [1] and break out of the recursive loop to avoid a stack overflow in...
7.6AI Score
0.0004EPSS
NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the endpoint GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and...
7.4CVSS
EPSS
[SECURITY] Fedora 40 Update: webkitgtk-2.44.2-2.fc40
WebKitGTK is the port of the WebKit web rendering engine to the GTK...
6.9AI Score
0.0004EPSS
GLPI is a free asset and IT management software package. Starting in version 10.0.7 and prior to version 10.0.10, an unverified object instantiation allows one to upload malicious PHP files to unwanted directories. Depending on web server configuration and available system libraries, malicious PHP....
10CVSS
7.2AI Score
0.001EPSS
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web...
6.1CVSS
7AI Score
0.0005EPSS
TimThumb Cache Directory 'src' Parameter Arbitrary PHP File Upload
The version of TimThumb hosted on the remote web server allows an unauthenticated, remote attacker to upload arbitrary PHP files as specified by input to the 'src' parameter and retrieved from third- party sites to its cache directory. It's likely that these files can then be executed by...
9.9AI Score
0.067EPSS
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
6.1CVSS
7AI Score
0.0004EPSS
MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
6.1CVSS
6.3AI Score
0.0004EPSS
NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the endpoint GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and...
7.4CVSS
7.6AI Score
EPSS
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified...
6.1AI Score
0.01EPSS
Missing Access Check in TYPO3 CMS
Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to...
7.9AI Score
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-1 and prior to 13.4-rc-1, org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.2 and 15.5-rc-1, and...
9CVSS
8.1AI Score
0.002EPSS
Grafana Spoofing originalUrl of snapshots
To create a snapshot (and insert an arbitrary URL) the built-in role Viewer is sufficient. When a dashboard is shared as a local snapshot, the following three fields are offered in the web UI for a user to fill out: • Snapshotname • Expire • Timeout(seconds) After the user confirms creation of the....
6.7CVSS
3.9AI Score
0.001EPSS
5.4CVSS
6.4AI Score
0.0005EPSS
Mattermost Cross-site Scripting vulnerability
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web...
6.1CVSS
6.2AI Score
0.0005EPSS
Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web...
6.1CVSS
6.2AI Score
0.0005EPSS
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....
7.5CVSS
7.1AI Score
0.027EPSS
[SECURITY] Fedora 40 Update: qt5-qtgamepad-5.15.14-1.fc40
Qt Gamepad provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes...
6.6AI Score
0.0004EPSS
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....
7.5CVSS
7.7AI Score
0.027EPSS
[SECURITY] Fedora 39 Update: chromium-126.0.6478.55-1.fc39
Chromium is an open-source web browser, powered by WebKit...
8.8CVSS
7.5AI Score
0.001EPSS
RHEL 8 : RHV Manager (ovirt-engine) security update [ovirt-4.4.9] (Moderate) (RHSA-2021:4626)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4626 advisory. The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks,...
7.5CVSS
9.2AI Score
0.012EPSS
Monitorr 1.7.6m - Unauthenticated Remote Code Execution
Monitorr 1.7.6m is susceptible to a remote code execution vulnerability. Improper input validation and lack of authorization leads to arbitrary file uploads in the web application. An unauthorized attacker with web access to could upload and execute a specially crafted file, leading to remote code....
9.8CVSS
9.7AI Score
0.968EPSS
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Web-Settler Landing Page Builder – Free Landing Page Templates allows Path Traversal.This issue affects Landing Page Builder – Free Landing Page Templates: from n/a through...
6.8CVSS
6.7AI Score
0.0004EPSS
Check Point SecureRemote (SecuRemote) Information Disclosure Vulnerability - Active Check
The remote host seems to be a Check Point FireWall-1 running SecureRemote (SecuRemote). The SecuRemote service contains a vulnerability that allows attackers to gain information about the hosts, networks, and users configured on the...
6.7AI Score
0.02EPSS
Oracle E-Business Suite - Blind SSRF
Oracle E-Business Suite, Application Management Pack component (User Monitoring subcomponent), is susceptible to blind server-side request forgery. An attacker with network access via HTTP can gain read access to a subset of data, connect to internal services like HTTP-enabled databases, or...
5.3CVSS
4.9AI Score
0.005EPSS
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
5.9CVSS
7.5AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: qt5-qtwebview-5.15.14-1.fc40
Qt WebView provides a way to display web content in a QML application without necessarily including a full web browser stack by using native APIs where it makes...
6.6AI Score
0.0004EPSS
Server-Side Request Forgery in langchain
A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This....
4.8CVSS
7.5AI Score
0.0004EPSS
GeoServer OGC Filter - SQL Injection
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols....
9.8CVSS
9.4AI Score
0.58EPSS
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-privileged groups to to inject code that is executed within another user's browser, allowing the attacker to steal sensitive information, manipulate...
8.4CVSS
7.1AI Score
0.001EPSS
Malicious code in galileo-web-sdk (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (a1ea1d3425cddab091828432f9dffef7f8bc36f5fbf9bcd0e01dffe737417e92) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Server-Side Request Forgery in langchain
A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This....
4.8CVSS
5.6AI Score
0.0004EPSS
RHEL 6 : python-twisted (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-twisted: Improper neutralization of CRLF characters in URIs and HTTP methods (CVE-2019-12387) Note that...
6.1CVSS
6.4AI Score
0.002EPSS
[SECURITY] Fedora 40 Update: chromium-126.0.6478.55-1.fc40
Chromium is an open-source web browser, powered by WebKit...
8.8CVSS
7.5AI Score
0.001EPSS
ASP.NET and .NET are vulnerable to Denial of Service. The vulnerability is due to the Kestrel web server detecting a malicious client but failing to disconnect, resulting in Denial of...
7.5CVSS
6.8AI Score
0.007EPSS
namshi/jose - Verification bypass
Several widely-used JSON Web Token (JWT) libraries, including node-jsonwebtoken, pyjwt, namshi/jose, php-jwt, and jsjwt, are affected by critical vulnerabilities that could allow attackers to bypass the verification step when using asymmetric keys (RS256, RS384, RS512, ES256, ES384,...
7.3AI Score
Episodex Guestbook Unauthorized Access and HTML Injection Vulnerability
The remote version of Episodex Guestbook contains an input validation flaw leading to the execution on attacker supplied HTML and script code. In addition an unauthenticated remote attacker can directly access administrator...
6.7AI Score
0.006EPSS
0.8AI Score
AVEVA InduSoft Web Studio / InTouch Machine Edition Command 81 mbstowcs() Stack Overflow
The AVEVA InduSoft Web Studio (IWS) or InTouch Machine Edition (ITME) running on the remote host is affected by a remote code execution vulnerability due to a stack overflow condition when handling command 81 in the TCPIP server listening on the default port 1234. An unauthenticated, remote...
9.8CVSS
3.3AI Score
0.014EPSS
RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2217)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2217 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private ...
6.9CVSS
7.4AI Score
0.061EPSS
dicourse-calendar is a plugin for the Discourse messaging platform which adds the ability to create a dynamic calendar in the first post of a topic. Improper escaping of event titles could lead to Cross-site Scripting (XSS) within the 'email preview' UI when a site has CSP disabled. Having CSP...
8CVSS
6.2AI Score
0.001EPSS
Modicon PLC Web Password Status Disclosure SNMP Request Password Status Remote Disclosure
The Modicon Quantum, Premium and Momentum brands of PLC's have a private SNMP MIB that is available on the Internet. The Web Password Status has been obtained via an SNMP Get Request. The Web Password Status is either enabled or disabled. A Web Password Status of disabled identifies a...
1.6AI Score
Exploit for Improper Control of Interaction Frequency in Asus Gt-Axe11000 Firmware
easy-exploits The current repository contains exploits of...
7AI Score
Exploit for OS Command Injection in Tenda Hg9 Firmware
CVE-2022-30023 Authenticated Command Injection on Tenda HG9...
8.8CVSS
9.7AI Score
0.002EPSS
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
5.9CVSS
7.5AI Score
0.0004EPSS
Netis MW5360 Remote Command Execution Exploit
The Netis MW5360 router has a command injection vulnerability via the password parameter on the login page. The vulnerability stems from improper handling of the "password" parameter within the router's web interface. The router's login page authorization can be bypassed by simply deleting the...
9.8CVSS
7.8AI Score
0.005EPSS