40 matches found

NVD
added 3 days ago, 6 views

CVE-2026-13558

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

CVSS 5.1 | EPSS 0.00328
Exploits 0 | References 6

Cvelist
added 3 days ago, 32 views

CVE-2026-13558 CodeAstro Complaint Management System Report addreport cross site scripting

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

CVSS 5.1 | EPSS 0.00328
Exploits 0 | References 6

Circl
added 2025/11/25 8:6 a.m., 8 views

CVE-2025-13558

creationtimestamp | type | source
---|---|---
2025-11-25 08:06:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m6gv32rpj62q...

CVSS 5.4 | AI score 5.8 | EPSS 0.00221
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 8:10 a.m., 5 views

CVE-2019-13558

In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash...

CVSS 9.8 | AI score 7.6 | EPSS 0.02863
Exploits 0 | References 1

RedhatCVE
added 2025/03/22 1:59 p.m., 15 views

CVE-2024-13558

The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.179 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to read the content of quote requests...

CVSS 7.5 | AI score 7 | EPSS 0.00346
Exploits 0 | References 1

Circl
added 2025/03/20 3:43 p.m., 5 views

CVE-2024-13558

creationtimestamp | type | source
---|---|---
2025-03-20 15:43:46+00:00 | seen | https://t.me/cvedetector/20736...

CVSS 7.5 | AI score 8.5 | EPSS 0.00346
Exploits 0 | References 1

NVD
added 2025/03/20 12:15 p.m., 12 views

CVE-2024-13558

The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.179 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to read the content of quote requests...

CVSS 7.5 | EPSS 0.00346
Exploits 0 | References 3

Cvelist
added 2025/03/20 11:11 a.m., 16 views

CVE-2024-13558 NP Quote Request for WooCommerce <= 1.9.179 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure

The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.179 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to read the content of quote requests...

CVSS 7.5 | EPSS 0.00346
Exploits 0 | References 3

Vulnrichment
added 2025/03/20 11:11 a.m., 5 views

CVE-2024-13558 NP Quote Request for WooCommerce <= 1.9.179 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure

The NP Quote Request for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.179 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to read the content of quote requests...

CVSS 7.5 | AI score 7.4 | EPSS 0.00346
Exploits 0 | References 3

CVE
added 2025/03/20 11:11 a.m., 59 views

CVE-2024-13558

CVE-2024-13558 affects the NP Quote Request for WooCommerce plugin (WordPress). The vulnerability is an Insecure Direct Object Reference caused by missing validation on a user-controlled key, affecting all versions up to 1.9.179. It allows unauthenticated attackers to read the content of quote re...

CVSS 7.5 | AI score 7.4 | EPSS 0.00346
Exploits 0 | References 3 | Affected Software 1

Tenable Nessus
added 2024/09/10 12:0 a.m., 10 views

NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2024-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - A use-after-free issue was found in the AudioSourceProviderGStreamer class of WebKitGTK and WPE WebKit in versions prior to 2.30.5. Processing maliciously...

CVSS 9.8 | AI score 7.2 | EPSS 0.16342
Exploits 11 | References 115

SUSE CVE
added 2023/02/15 3:58 a.m., 2 views

SUSE CVE-2020-13558

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free...

CVSS 8.8 | AI score 7.6 | EPSS 0.01792
Exploits 1 | References 7

RedHat Linux
added 2021/11/09 6:30 p.m., 112 views

Moderate: Red Hat Security Advisory: GNOME security, bug fix, and enhancement update

An update for GNOME is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 9.8 | AI score 7.3 | EPSS 0.14542
Exploits 8 | References 70

AlmaLinux
added 2021/11/09 9:15 a.m., 68 views

Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of AlmaLinux. The following packages have been upgraded to a later upstream version: gdm 40.0, webkit2gtk3 2.32.3. BZ1909300 Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558 LibRaw...

CVSS 9.8 | AI score 9.1 | EPSS 0.14542
Exploits 8 | References 30

OSV
added 2021/11/09 9:15 a.m., 51 views

RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm 40.0, webkit2gtk3 2.32.3. BZ1909300 Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558...

CVSS 9.8 | AI score 9.1 | EPSS 0.14542
Exploits 8 | References 69

Tenable Nessus
added 2021/06/21 12:0 a.m., 235 views

SUSE SLED12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2021:1990-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1990-1 advisory. - Update to version 2.32.1: - Improve handling of Media Capture devices. - Improve WebAudio playback. - Improve video...

CVSS 9.8 | AI score 7.1 | EPSS 0.14542
Exploits 3 | References 41

OpenVAS
added 2021/06/18 12:0 a.m., 19 views

SUSE: Security Advisory (SUSE-SU-2021:1990-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.9 | EPSS 0.14542
Exploits 3 | References 11

OpenVAS
added 2021/06/09 12:0 a.m., 21 views

SUSE: Security Advisory (SUSE-SU-2021:0536-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 8.8 | EPSS 0.01792
Exploits 1 | References 2

OpenVAS
added 2021/04/19 12:0 a.m., 11 views

SUSE: Security Advisory (SUSE-SU-2021:0583-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 8.9 | EPSS 0.01792
Exploits 1 | References 4

OpenVAS
added 2021/04/16 12:0 a.m., 13 views

openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2021:0376-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.8 | AI score 8.8 | EPSS 0.01792
Exploits 1 | References 2