Lucene search
+L

115 matches found

OSV
OSV
added 2026/07/01 3:39 p.m.3 views

ECHO-FADD-120A-1274

Bulletin has no description...

4.3CVSS5.7AI score0.0023EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.13 views

CVE-2026-1274

IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...

4.9CVSS5.5AI score0.003EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 11:30 p.m.26 views

CVE-2026-1274

IBM Guardium Data Protection 12.0, 12.1, and 12.2 are affected by CVE-2026-1274, a Bypass Business Logic vulnerability in the access management control panel (CWE-840). The IBM bulletin lists the affected versions and provides version-specific fixes via Fix Central bundles for 12.0, 12.1, and 12....

4.9CVSS5.8AI score0.003EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/22 4:42 p.m.5 views

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities (CVE-2026-1272, CVE-2020-16971, CVE-2026-1274)

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-1272 DESCRIPTION: IBM Guardium Data Protection is vulnerable to Security Misconfiguration vulnerability in the user access control panel. CWE:CWE-613: Insufficient Session...

9.1CVSS7.1AI score0.0359EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/01/07 6:35 a.m.5 views

EUVD-2026-1274

The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only...

6.5CVSS5.3AI score0.0035EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-1274

Malware in sbrugna...

7.2CVSS6AI score0.00562EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:6 a.m.14 views

CVE-2024-1274

The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks depending on the permissions set by the admin...

5.4CVSS6.1AI score0.00425EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 p.m.14 views

CVE-2020-1274

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266,...

9.3CVSS7.7AI score0.15932EPSS
Exploits0
Circl
Circl
added 2025/04/16 1:56 p.m.8 views

CVE-2025-1274

creationtimestamp| type| source ---|---|--- 2025-04-16 13:56:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12047...

7.8CVSS4.8AI score0.00204EPSS
Exploits0References1
NVD
NVD
added 2025/04/15 9:15 p.m.24 views

CVE-2025-1274

A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/15 8:58 p.m.6 views

CVE-2025-1274 RCS File Parsing Out-of-Bounds Write Vulnerability

A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.7AI score0.00204EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/03/17 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-1274)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7AI score0.27935EPSS
Exploits1References2
OSV
OSV
added 2024/04/02 6:15 a.m.1 views

CVE-2024-1274

The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks depending on the permissions set by the admin...

5.4CVSS5.8AI score0.00425EPSS
Exploits2References1
CVE
CVE
added 2024/04/02 5:15 a.m.106 views

CVE-2024-1274

The CVE-2024-1274 issue affects the My Calendar WordPress plugin prior to version 3.4.24. The vulnerability arises because the plugin does not sanitize or escape certain parameters, enabling Cross-Site Scripting (XSS) by users with a low-privilege role (Subscriber) depending on admin permissions....

5.4CVSS5.2AI score0.00425EPSS
Exploits2References1Affected Software1
Circl
Circl
added 2023/04/17 4:41 p.m.5 views

CVE-2023-1274

creationtimestamp| type| source ---|---|--- 2023-04-17 16:41:56+00:00| seen| https://t.me/cibsecurity/62281 2025-03-03 19:30:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6251...

6.5CVSS7.2AI score0.009EPSS
Exploits2References2
NVD
NVD
added 2023/04/17 1:15 p.m.18 views

CVE-2023-1274

The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...

6.5CVSS6.4AI score0.009EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/04/17 12:17 p.m.5 views

CVE-2023-1274 Pricing Tables For WPBakery Page Builder < 3.0 - Subscriber+ LFI

The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...

6.3AI score0.009EPSS
Exploits2References1
CVE
CVE
added 2023/04/17 12:17 p.m.231 views

CVE-2023-1274

CVE-2023-1274 affects the WordPress plugin Pricing Tables For WPBakery Page Builder (formerly Visual Composer) up to version 3.0. The issue is caused by insufficient validation of shortcode attributes, which are used to generate file paths passed to include functions. This allows authenticated us...

6.5CVSS6.6AI score0.009EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/04/13 12:0 a.m.13 views

WordPress Pricing Tables For WPBakery Page Builder Plugin < 3.0 is vulnerable to Local File Inclusion

Software Pricing Tables For WPBakery Page Builder Type Plugin Vulnerable versions 3.0 Fixed in 3.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-1274 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID d6cfa024a462 Credits Lana Codes Required...

6.5CVSS6.8AI score0.009EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2023/03/29 12:0 a.m.282 views

CVE-2022-1274

CVE-2022-1274 is referenced in Red Hat advisories RHSA-2023-1043/1044 as a fix for Red Hat Single Sign-On 7.6.2 on RHEL 7/8/9. The vulnerability is linked to Keycloak’s execute-actions-email flow, with the cited issue being a missing email notification template allowlist that can enable an XSS-li...

5.4CVSS5.2AI score0.00692EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder