CWE-273 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-16466	1 Nextcloud	1 Nextcloud Server	2024-11-21	N/A
Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.
CVE-2012-1187	1 Bitlbee	1 Bitlbee	2024-11-21	9.8 Critical
Bitlbee does not drop extra group privileges correctly in unix.c
CVE-2011-3350	1 Marmaro	1 Masqmail	2024-11-21	9.8 Critical
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
CVE-2011-2921	1 Ktsuss Project	1 Ktsuss	2024-11-21	9.8 Critical
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

« first previous Page 3 of 3.