Lucene search
K

1815 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/02 11:15 a.m.10 views

CVE-2026-42382

Unauthenticated Local File Inclusion in Audrey = 1.5 versions...

8.1CVSS5.8AI score0.00303EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 11:15 a.m.12 views

CVE-2026-42382

CVE-2026-42382 concerns WordPress Audrey theme versions <= 1.5 with an Unauthenticated Local File Inclusion (LFI) vulnerability. The connected patches and CVE records identify the affected product (Audrey theme

8.1CVSS5.8AI score0.00303EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/29 1:25 p.m.4 views

WordPress Audrey theme <= 1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Audrey versions = 1.5...

8.1CVSS5.8AI score0.00303EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 2:17 p.m.10 views

CVE-2026-39576

Unauthenticated PHP Object Injection in SingleMalt = 1.5 versions...

8.1CVSS0.00395EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:47 p.m.10 views

EUVD-2025-210246

Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5...

9.8CVSS5.2AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.8 views

CVE-2026-40760

Unauthenticated PHP Object Injection in Behold = 1.5 versions...

8.1CVSS0.0025EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.11 views

CVE-2026-39549

Unauthenticated Local File Inclusion in Aperitif = 1.5 versions...

8.1CVSS0.00423EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.13 views

CVE-2026-39573

Unauthenticated PHP Object Injection in Mildhill = 1.5 versions...

8.1CVSS0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 12:47 p.m.19 views

CVE-2025-69170 WordPress Eventicity theme <= 1.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Eventicity = 1.5 versions...

8.1CVSS0.00348EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.11 views

CVE-2026-39573

CVE-2026-39573 : Unauthenticated PHP Object Injection in WordPress Mildhill theme &lt;= 1.5. Affected component: Mildhill theme (WordPress). Root cause: PHP Object Injection vulnerability. Impact: high across confidentiality, integrity, and availability (CVSSv3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/...

8.1CVSS5.3AI score0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.31 views

CVE-2026-39573 WordPress Mildhill theme <= 1.5 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Mildhill = 1.5 versions...

8.1CVSS0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.20 views

CVE-2026-40760 WordPress Behold theme <= 1.5 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Behold = 1.5 versions...

8.1CVSS0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 10:18 a.m.10 views

EUVD-2026-37063

A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit...

8.6CVSS6.5AI score0.00472EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-49654

Name of the Vulnerable Software and Affected Versions NPort W2150A-W4/W2250A-W4 Series versions prior to 1.5.1 Description A stack-based buffer overflow occurs due to insufficient input validation of user-supplied input in the Server location parameter on the Basic settings page. An authenticated...

8.6CVSS6.6AI score0.00472EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50117

Unauthenticated PHP Object Injection in Behold = 1.5 versions...

8.1CVSS5.4AI score0.0025EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.20 views

PT-2026-49653

A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An...

6.9CVSS5.3AI score0.0031EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 1:50 p.m.10 views

EUVD-2026-36429

Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd. Co. Pause+ Mobile App allows Authentication Bypass. This issue affects Pause+ Mobile App: from v1.0.6 before v1.5...

9.8CVSS5.2AI score0.00346EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 1:50 p.m.15 views

CVE-2026-6853

CVE-2026-6853 describes an authentication bypass in Başbelen Group Pause+ Mobile App caused by improper restriction of excessive authentication attempts. Affected versions are Pause+ Mobile App prior to 1.5 (v1.0.6 up to, but not including, 1.5). The CVSS 3.1 base score is 9.8 (CRITICAL), with NE...

9.8CVSS5.3AI score0.00346EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48885

Name of the Vulnerable Software and Affected Versions Pause+ Mobile App versions 1.0.6 through 1.4.x Description Improper restriction of excessive authentication attempts allows for authentication bypass. Recommendations Update to version 1.5...

9.8CVSS5.2AI score0.00346EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/10 12:0 a.m.8 views

Use of RSA Algorithm without OAEP

Overview Affected versions of this package are vulnerable to Use of RSA Algorithm without OAEP via the Wss4jSecurityInterceptor class, in the Wss4jSecurityInterceptor.java file due to defaulting allowRSA15KeyTransportAlgorithm to true when building the validation RequestData. This overrides Apach...

6.3CVSS5.4AI score0.00129EPSS
Exploits0References2
Rows per page
Query Builder