Lucene search
K

13 matches found

SUSE CVE
SUSE CVE
added 2025/11/14 12:33 a.m.2 views

SUSE CVE-2025-13120

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

5.5CVSS4.9AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2025/11/13 4:15 p.m.4 views

DEBIAN-CVE-2025-13120

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

5.5CVSS4.7AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/13 3:32 p.m.14 views

CVE-2025-13120 mruby array.c sort_cmp use after free

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

5.3CVSS0.00142EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2025/02/27 12:0 a.m.9 views

WordPress ProfilePress Plugin < 4.15.20 Multiple XSS Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

4.8CVSS6.8AI score0.0033EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 2025/02/15 6:24 a.m.14 views

CVE-2024-13120

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

4.8CVSS7.8AI score0.0029EPSS
Exploits1References1
NVD
NVD
added 2025/02/13 6:15 a.m.29 views

CVE-2024-13120

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

4.8CVSS0.0029EPSS
Exploits1References1
CVE
CVE
added 2025/02/13 6:0 a.m.83 views

CVE-2024-13120

The CVE-2024-13120 entry concerns the ProfilePress WordPress plugin (Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress) prior to version 4.15.20. Technical details in connected records show the issue is a stored XSS caused by not...

4.8CVSS5.7AI score0.0029EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/13 6:0 a.m.10 views

CVE-2024-13120 ProfilePress < 4.15.20 - Admin+ Stored XSS

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

5.7AI score0.0029EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/13 6:0 a.m.20 views

CVE-2024-13120 ProfilePress < 4.15.20 - Admin+ Stored XSS

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...

0.0029EPSS
Exploits1References1
CVE
CVE
added 2019/10/07 9:57 p.m.51 views

CVE-2019-13120

CVE-2019-13120 affects Amazon FreeRTOS up to v1.4.8. The vulnerability arises from insufficient length checking in prvProcessReceivedPublish, which can cause untargetable leakage of arbitrary memory on a device when an attacker sends a malformed MQTT publish to an Amazon IoT Thing interacting wit...

7.5CVSS7.4AI score0.0119EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/03/05 8:0 p.m.23 views

CVE-2017-13120

This CVE-2017-13120 entry is rejected and does not represent an active vulnerability.

7.4AI score
Exploits0
Cvelist
Cvelist
added 2019/03/05 8:0 p.m.9 views

CVE-2017-13120

...

Exploits0
Saint
Saint
added 2006/04/25 12:0 a.m.41 views

Internet Explorer DHTML object vulnerability

Added: 04/25/2006 CVE: CVE-2005-0553 BID: 13120 OSVDB: 15465 Background Dynamic HTML DHTML allows the creation of interactive web pages. Problem Race conditions in various DHTML methods could allow command execution when a specially crafted web page is loaded in Internet Explorer. Resolution Appl...

5.1CVSS7.5AI score0.50604EPSS
Exploits5
Rows per page
Query Builder