Lucene search
K

124 matches found

NVD
NVD
added 2022/04/25 4:16 p.m.23 views

CVE-2022-0876

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS0.00588EPSS
Exploits2References1
OSV
OSV
added 2022/04/25 4:16 p.m.6 views

CVE-2022-0876

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.8AI score0.00588EPSS
Exploits2References1
CVE
CVE
added 2022/04/25 3:51 p.m.79 views

CVE-2022-0876

The CVE-2022-0876 issue affects the WordPress plugin “Social comments by WpDevArt” prior to version 2.5.0. The root cause is failure to sanitize and escape settings, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Impact describ...

4.8CVSS4.8AI score0.00588EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/04/25 3:51 p.m.29 views

CVE-2022-0876 Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting

The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.2AI score0.00588EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2021/10/06 12:0 a.m.26 views

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Windows

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118248";...

9.8CVSS8.4AI score0.13802EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2021/10/06 12:0 a.m.27 views

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Mac OS X

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118249";...

9.8CVSS8.4AI score0.13802EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2021/10/06 12:0 a.m.27 views

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Linux

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118250";...

9.8CVSS8.4AI score0.13802EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2012:0773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.9AI score0.05724EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2012:0772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.9AI score0.05724EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2020:0497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.13802EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.35 views

RHEL 7 : nss and nss-softokn (RHSA-2021:0876)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0876 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

10CVSS7.6AI score0.03552EPSS
Exploits2References11
CVE
CVE
added 2020/03/12 3:48 p.m.82 views

CVE-2020-0876

CVE-2020-0876 is a Windows Win32k information disclosure vulnerability. The win32k component improperly provides kernel information, enabling potential disclosure of sensitive data. Affected product: Windows (Win32k). Root cause: improper handling of kernel information in Win32k. Impact: informat...

7.5CVSS7.7AI score0.058EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/02/27 12:0 a.m.29 views

SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2020:0497-1)

This update for python3 fixes the following issues : Update to 3.4.10 jscSLE-9427, bsc1159208 from 3.4.6 : Security issues fixed : Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 CVE-2017-1000158: Fix an...

9.8CVSS7.6AI score0.13802EPSS
Exploits4References16
NVD
NVD
added 2019/04/09 9:29 p.m.36 views

CVE-2019-0876

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.5CVSS5.1AI score0.0156EPSS
Exploits0References2
OSV
OSV
added 2019/04/09 9:29 p.m.26 views

CVE-2019-0876

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.0156EPSS
Exploits0References2
CVE
CVE
added 2019/04/09 8:20 p.m.63 views

CVE-2019-0876

CVE-2019-0876 is an information-disclosure vulnerability in Open Enclave SDK caused by improper handling of objects in memory. Exploitation requires local access and attacker-host enclave progression; the vulnerability could enable disclosure of sensitive information stored in memory. Remediation...

5.5CVSS5AI score0.0156EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.31 views

Security Bulletin: Multiple denial of service vulnerabilities with Expat may affect IBM HTTP Server shipped with IBM Service Delivery Manager (CVE-2012-0876, CVE-2012-1148, CVE-2016-4472 and CVE-2016-0718)

Summary IBM HTTP Server is shipped as components of IBM Service Delivery Manager. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2012-0876 DESCRIPTION: Expat is vulnerable to a denial of service,...

9.8CVSS9.7AI score0.13802EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/05/07 12:0 a.m.41 views

Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2018-124-01)

New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-124-01. The text itself is copyright C Slackware Linu...

9.8CVSS7.9AI score0.13802EPSS
Exploits5References9
Prion
Prion
added 2018/03/14 5:29 p.m.22 views

Memory corruption

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-092...

7.6CVSS7.3AI score0.55876EPSS
Exploits4References3Affected Software1
Prion
Prion
added 2018/03/14 5:29 p.m.23 views

Memory corruption

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-092...

7.6CVSS7.3AI score0.55876EPSS
Exploits4References3
Rows per page
Query Builder