Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
4.9CVSS
6AI Score
0.0004EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
4.9CVSS
7.3AI Score
0.001EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
6.5CVSS
6.4AI Score
0.0004EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
4.9CVSS
6AI Score
0.0004EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
4.9CVSS
5.2AI Score
0.001EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
4.9CVSS
5.2AI Score
0.001EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
6.5CVSS
6.4AI Score
0.001EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
4.9CVSS
5.2AI Score
0.001EPSS
Heap-buffer-overflow in zim_ReflectionEnumBackedCase_getBackingValue
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49068 Crash type: Heap-buffer-overflow READ 4 Crash state: zim_ReflectionEnumBackedCase_getBackingValue execute_internal...
-0.3AI Score
Exploit for OS Command Injection in Php
CVE-2024-4577: Critical Vulnerability in PHP's CGI...
9.8CVSS
9.8AI Score
0.967EPSS
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36844 , CVE-2023-36845 , CVE-2023-36846 ,...
5.3CVSS
8.4AI Score
0.714EPSS
9.8CVSS
7.6AI Score
0.966EPSS
Exploit for Uncontrolled Resource Consumption in Quic-Go Project Quic-Go
QUIC-attacks (CVE-2022-30591) The current repository serves...
7.5AI Score
9.8CVSS
10AI Score
0.967EPSS
9.8CVSS
7.9AI Score
0.966EPSS
Exploit for OS Command Injection in Php
CVE-2024-4577 Vulnerability Checker This script is designed...
9.8CVSS
9.6AI Score
0.967EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 CVE-2021-4034 centos8可用版本...
7.8CVSS
8.6AI Score
0.001EPSS
Exploit for OS Command Injection in Php
TG Join Us https://t.me/WanLiChangChengWanLiChang...
9.8CVSS
9.7AI Score
0.967EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
6.5CVSS
6.4AI Score
0.0004EPSS
SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL...
9.8CVSS
8AI Score
0.001EPSS
Exploit for Off-by-one Error in Sudo Project Sudo
PE_CVE-CVE-2021-3156 Exploit for Ubuntu 20.04 using...
7.8CVSS
8.6AI Score
0.97EPSS
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Magnesium-PHP up to 0.3.0. It has been classified as problematic. Affected is the function formatEmailString of the file src/Magnesium/Message/Base.php. The manipulation of the argument email/name leads to injection. Upgrading to version....
9.8CVSS
7.8AI Score
0.001EPSS
Album Gallery – WordPress Gallery < 1.5.8 - Missing Authorization
Description The Album Gallery – WordPress Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_album_gallery and _ag_save_settings functions in versions up to, and including, 1.5.7. This makes it possible for authenticated...
4.3CVSS
6.4AI Score
0.0004EPSS
Malicious code in arproxy-plugin-mysql-casual_log (RubyGems)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in watch-puss-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 1.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 7.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 5.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 4.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...
5.5CVSS
7.4AI Score
0.0004EPSS
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 6.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 2.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
Malicious code in 3.7m-views-in-boots-the-last-wish-2023-full-online-free-on-streaming-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score
7.1AI Score
Intel 2024.1 IPU - BIOS March 2024 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® Processors and/or BIOS Firmware for some Intel® Processors which may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing firmware updates to mitigate this potential...
7.2CVSS
7.8AI Score
0.001EPSS
Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit
Description As part of my cybersecurity thesis I wanted to...
7.8CVSS
8.3AI Score
0.012EPSS
A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch...
6.1CVSS
6.2AI Score
0.001EPSS
kanboard -- Project Takeover via IDOR in ProjectPermissionController
[email protected] reports: Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser(). The users permission to add users to a project only get checked on the URL...
8.2CVSS
8AI Score
0.0004EPSS
CVE-2021-21702 affecting package php 7.4.14-3
CVE-2021-21702 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7.5CVSS
8.2AI Score
0.012EPSS
CVE-2022-31625 affecting package php 7.4.14-3
CVE-2022-31625 affecting package php 7.4.14-3. This CVE either no longer is or was never...
8.1CVSS
9.8AI Score
0.004EPSS
CVE-2021-21708 affecting package php 7.4.14-3
CVE-2021-21708 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.8CVSS
9.9AI Score
0.003EPSS
8.2AI Score
CVE-2021-21704 affecting package php 7.4.14-3
CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.9CVSS
7AI Score
0.004EPSS
CVE-2007-3205 affecting package php 7.4.14-3
CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.9AI Score
0.065EPSS
CVE-2022-31629 affecting package php 7.4.14-3
CVE-2022-31629 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.5CVSS
9.9AI Score
0.006EPSS
CVE-2017-9120 affecting package php 7.4.14-3
CVE-2017-9120 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.8CVSS
7.5AI Score
0.009EPSS
CVE-2017-8923 affecting package php 7.4.14-3
CVE-2017-8923 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.8CVSS
7.5AI Score
0.005EPSS
PDF.js < 4.2.67 - Arbitrary JavaScript Execution
Description PDF.js is vulnerable to Arbitrary JavaScript Execution in versions prior to 4.2.67. This is due to a missing type check when handling fonts. This makes it possible for authenticated attackers, with contributor-level or above permissions, to execute arbitrary JavaScript if they can...
6.5AI Score
0.0004EPSS
Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit
PolicyKit CVE-2021-3560 Exploit (Authentication Agent)...
7.8CVSS
7.3AI Score
0.012EPSS