Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4321

Malicious code in bioql PyPI...

4.3CVSS8.7AI score0.00145EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:23 a.m.5 views

CVE-2024-1237

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyoutlayout attribute in all versions up to, and including, 1.6.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5AI score0.00514EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 9:15 a.m.28 views

CVE-2025-32525

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MapGeo Interactive Geo Maps interactive-geo-maps allows Reflected XSS.This issue affects Interactive Geo Maps: from n/a through = 1.6.24...

7.1CVSS0.00374EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 4:46 p.m.15 views

WordPress Interactive Geo Maps plugin <= 1.6.24 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Interactive Geo Maps versions = 1.6.24...

7.1CVSS7AI score0.00374EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/02/24 3:15 p.m.9 views

CVE-2025-27342

Cross-Site Request Forgery CSRF vulnerability in josesan WooCommerce Recargo de Equivalencia woo-recargo-de-equivalencia allows Cross Site Request Forgery.This issue affects WooCommerce Recargo de Equivalencia: from n/a through = 1.6.24...

4.3CVSS0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/24 12:0 a.m.5 views

WordPress plugin WooCommerce Recargo de Equivalencia 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS8.2AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2024/03/13 4:15 p.m.4 views

CVE-2024-1237

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyoutlayout attribute in all versions up to, and including, 1.6.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.9AI score0.00514EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.2 views

WordPress Plugin Elementor Header & Footer Builder Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS5.9AI score0.00514EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.7 views

PT-2024-17572 · WordPress · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.24 Description: The issue is related to Stored Cross-Site Scripting via the flyout layout attribute due to insufficient input sanitization and output...

6.4CVSS6.4AI score0.00514EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/03/12 12:0 a.m.18 views

WordPress Elementor – Header, Footer & Blocks Template Plugin <= 1.6.24 is vulnerable to Cross Site Scripting (XSS)

Software Elementor – Header, Footer & Blocks Template Type Plugin Vulnerable versions = 1.6.24 Fixed in 1.6.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1237 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d8efb70c30ae...

6.4CVSS6AI score0.00514EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.6 views

SUSE CVE-2014-3635

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the maxmessageunixfds limit is set to an odd number, allows local users to cause a denial of service dbus-daemon crash or possibly execute arbitrary code by sending one more fil...

4.4CVSS7.9AI score0.00486EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.2 views

SUSE CVE-2019-18602

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer...

7.5CVSS7.1AI score0.01532EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/10/29 7:15 p.m.18 views

CVE-2019-18602

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer...

7.5CVSS7.1AI score0.01532EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/09/15 12:0 a.m.34 views

F5 Networks BIG-IP : D-Bus vulnerability (SOL17256)

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

2.1CVSS5.6AI score0.00388EPSS
Exploits0References2
Prion
Prion
added 2014/09/22 3:55 p.m.37 views

Design/Logic Flaw

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...

2.1CVSS6.4AI score0.00388EPSS
Exploits0References11Affected Software3
Debian CVE
Debian CVE
added 2014/09/22 3:0 p.m.25 views

CVE-2014-3638

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...

2.1CVSS4AI score0.00388EPSS
Exploits0
CVE
CVE
added 2002/03/15 5:0 a.m.53 views

CVE-2001-1154

CVE-2001-1154 affects Cyrus mail servers (versions 2.0.15, 2.0.16, and 1.6.24) running on BSDi 4.2 with IMAP enabled. The issue allows remote attackers to cause a denial-of-service condition (hang) by leveraging PHP IMAP clients. The available documents confirm the affected software stack and the...

5CVSS7.1AI score0.01614EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder