Количество 312 573
Количество 312 573
GHSA-3w88-gmx5-rx4v
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)
GHSA-3w88-854j-p487
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hussam Hussien Popup Image allows Stored XSS.This issue affects Popup Image: from n/a through 1.0.1.
GHSA-3w87-pggf-mwm8
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.
GHSA-3w87-fgr4-8m86
Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
GHSA-3w87-5jwj-39vh
USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.
GHSA-3w86-j9mv-8fpr
images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote attackers to determine the existence of local files by sending requests with full pathnames in the aFonts array parameter, and then observing the error messages, which differ between existing and nonexistent pathnames.
GHSA-3w86-8cj7-m4r5
A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).
GHSA-3w85-rr8r-762j
Azure Stack Hub Elevation of Privilege Vulnerability
GHSA-3w85-93xm-x7vx
mccms v2.6.3 is vulnerable to Cross Site Request Forgery (CSRF).
GHSA-3w85-5p9g-h334
Apache ActiveMQ Artemis User Without Create Address Permissions can Modify Address Routing-Type
GHSA-3w84-x2pj-xq9r
Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.
GHSA-3w84-6c49-fr7m
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown Pro WP Plugin allows SQL Injection. This issue affects CountDown Pro WP Plugin: from n/a through 2.7.
GHSA-3w84-4mjc-rjw7
IO FinNet tss-lib vulnerable to timing attack from non-constant time scalar multiplication
GHSA-3w84-2h42-qpcw
In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
GHSA-3w83-5mjq-8xj8
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.
GHSA-3w7x-x254-3q76
Information disclosure while processing information on firmware image during core initialization.
GHSA-3w7x-q6xx-cqg3
A vulnerability, which was classified as problematic, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected is an unknown function of the file /admin/receipt.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-256962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-3w7x-89vw-qj79
** DISPUTED ** SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field, when the settings specify only "Search in Detailed description" and "Search also in ISBN." NOTE: the vendor disputed this issue in a comment on the original researcher's blog, saying "the bug does not impose any security threat and remote attackers can't add, modify, or delete information in the back-end database by sending specially-crafted SQL statements to the search.php script using various search parameters." As of 20060605, the original blog entry is unavailable, although ISS also reports the same dispute. CVE has not been able to investigate this issue further, although the researcher sometimes makes inaccurate claims.
GHSA-3w7x-45wj-hgjm
Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 Members Edition allows remote authenticated users to read arbitrary files via directory traversal sequences in the controller parameter in a show_report action.
GHSA-3w7r-v4fr-r43w
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
GHSA-3w88-gmx5-rx4v Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.) | CVSS3: 8.2 | 81% Высокий | больше 3 лет назад | |
GHSA-3w88-854j-p487 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hussam Hussien Popup Image allows Stored XSS.This issue affects Popup Image: from n/a through 1.0.1. | CVSS3: 6.5 | 0% Низкий | около 1 года назад | |
GHSA-3w87-pggf-mwm8 An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783. | 1% Низкий | больше 3 лет назад | ||
GHSA-3w87-fgr4-8m86 Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c. | 1% Низкий | больше 3 лет назад | ||
GHSA-3w87-5jwj-39vh USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product. | CVSS3: 7.8 | 0% Низкий | почти 4 года назад | |
GHSA-3w86-j9mv-8fpr images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote attackers to determine the existence of local files by sending requests with full pathnames in the aFonts array parameter, and then observing the error messages, which differ between existing and nonexistent pathnames. | 7% Низкий | почти 4 года назад | ||
GHSA-3w86-8cj7-m4r5 A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3). | CVSS3: 9.8 | 6% Низкий | больше 3 лет назад | |
GHSA-3w85-rr8r-762j Azure Stack Hub Elevation of Privilege Vulnerability | CVSS3: 8.2 | 1% Низкий | больше 1 года назад | |
GHSA-3w85-93xm-x7vx mccms v2.6.3 is vulnerable to Cross Site Request Forgery (CSRF). | CVSS3: 8.8 | 0% Низкий | почти 3 года назад | |
GHSA-3w85-5p9g-h334 Apache ActiveMQ Artemis User Without Create Address Permissions can Modify Address Routing-Type | CVSS3: 4.3 | 0% Низкий | 10 месяцев назад | |
GHSA-3w84-x2pj-xq9r Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter. | 2% Низкий | больше 3 лет назад | ||
GHSA-3w84-6c49-fr7m Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown Pro WP Plugin allows SQL Injection. This issue affects CountDown Pro WP Plugin: from n/a through 2.7. | CVSS3: 8.5 | 0% Низкий | 9 месяцев назад | |
GHSA-3w84-4mjc-rjw7 IO FinNet tss-lib vulnerable to timing attack from non-constant time scalar multiplication | CVSS3: 9.1 | 0% Низкий | почти 3 года назад | |
GHSA-3w84-2h42-qpcw In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | CVSS3: 4.4 | 0% Низкий | около 1 года назад | |
GHSA-3w83-5mjq-8xj8 Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. | CVSS3: 5.5 | 0% Низкий | 4 месяца назад | |
GHSA-3w7x-x254-3q76 Information disclosure while processing information on firmware image during core initialization. | CVSS3: 6.1 | 0% Низкий | около 1 года назад | |
GHSA-3w7x-q6xx-cqg3 A vulnerability, which was classified as problematic, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected is an unknown function of the file /admin/receipt.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-256962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | CVSS3: 3.5 | 0% Низкий | почти 2 года назад | |
GHSA-3w7x-89vw-qj79 ** DISPUTED ** SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field, when the settings specify only "Search in Detailed description" and "Search also in ISBN." NOTE: the vendor disputed this issue in a comment on the original researcher's blog, saying "the bug does not impose any security threat and remote attackers can't add, modify, or delete information in the back-end database by sending specially-crafted SQL statements to the search.php script using various search parameters." As of 20060605, the original blog entry is unavailable, although ISS also reports the same dispute. CVE has not been able to investigate this issue further, although the researcher sometimes makes inaccurate claims. | CVSS3: 9.8 | 1% Низкий | почти 4 года назад | |
GHSA-3w7x-45wj-hgjm Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 Members Edition allows remote authenticated users to read arbitrary files via directory traversal sequences in the controller parameter in a show_report action. | 3% Низкий | больше 3 лет назад | ||
GHSA-3w7r-v4fr-r43w Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity. | CVSS3: 4.4 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу