Lucene search
K

18 matches found

Circl
Circl
added 2025/11/30 3:4 a.m.9 views

CVE-2025-13615

creationtimestamp| type| source ---|---|--- 2025-11-30 03:04:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/115636428433116034 2025-11-30 15:33:47+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/61214 2025-12-01 08:03:07+00:00| seen|...

9.8CVSS4.8AI score0.00324EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/30 1:53 a.m.5 views

CVE-2025-13615 StreamTube Core <= 4.78 - Unauthenticated Arbitrary User Password Change

The StreamTube Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 4.78. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

9.8CVSS5.8AI score0.00324EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/03/15 4:43 a.m.17 views

CVE-2024-13615

The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...

3.5CVSS5.6AI score0.00246EPSS
Exploits1References1
Circl
Circl
added 2025/03/11 9:16 a.m.3 views

CVE-2024-13615

creationtimestamp| type| source ---|---|--- 2025-03-11 09:16:02+00:00| seen| https://t.me/cvedetector/20052...

3.5CVSS8.7AI score0.00246EPSS
Exploits1References1
NVD
NVD
added 2025/03/11 6:15 a.m.6 views

CVE-2024-13615

The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...

3.5CVSS0.00246EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/11 6:0 a.m.9 views

CVE-2024-13615 Social Media Plugin by Social Snap <= 1.3.6 - Admin+ Stored XSS

The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...

0.00246EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/11 6:0 a.m.7 views

CVE-2024-13615 Social Media Plugin by Social Snap <= 1.3.6 - Admin+ Stored XSS

The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...

3.4AI score0.00246EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.1 views

SUSE CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS5.7AI score0.02492EPSS
Exploits1References4
CVE
CVE
added 2020/05/26 10:8 p.m.77 views

CVE-2020-13615

CVE-2020-13615 affects Qore up to version 0.9.4.2; the root cause is missing hostname verification for X.509 certificates in lib/QoreSocket.cpp. This constitutes a trust-management vulnerability in TLS connections. Remediation/mitigation: upgrade to Qore 0.9.4.2 or later (as indicated by Red Hat/...

5.9CVSS5.7AI score0.00596EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2019/07/23 2:39 p.m.106 views

Update: VLC Media Player Plagued By Unpatched Critical RCE Flaw

UPDATE After a German security agency reported a critical vulnerability existed in VLC open-source media player that could enable remote code execution and other malicious actions, the developers of VLC said that the media player is not vulnerable. The VLC media player, developed by the VideoLAN...

4.3CVSS0.2AI score0.02492EPSS
Exploits1References11
Circl
Circl
added 2019/07/22 9:16 a.m.6 views

CVE-2019-13615

creationtimestamp| type| source ---|---|--- 2019-07-22 09:16:59+00:00| seen| https://t.me/informationsecuritychannel/29545 2019-10-29 14:03:43+00:00| seen| https://t.me/sysodmins/5620 2026-05-26 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-146-05...

5.5CVSS6AI score0.02492EPSS
Exploits1References3
NVD
NVD
added 2019/07/16 5:15 p.m.14 views

CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS5.5AI score0.02492EPSS
Exploits1References6
OSV
OSV
added 2019/07/16 5:15 p.m.16 views

CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS6.8AI score
Exploits0References6
OSV
OSV
added 2019/07/16 5:15 p.m.2 views

DEBIAN-CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS5.8AI score0.02492EPSS
Exploits1References1
CVE
CVE
added 2019/07/16 4:6 p.m.243 views

CVE-2019-13615

CVE-2019-13615 affects VideoLAN VLC Media Player through libebml &lt; 1.3.6 in the MKV demux module (used by VLC binaries

5.5CVSS5.3AI score0.02492EPSS
Exploits1References6Affected Software1
AlpineLinux
AlpineLinux
added 2019/07/16 4:6 p.m.29 views

CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS5.5AI score0.02492EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2019/07/16 12:0 a.m.20 views

CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS6.2AI score0.02492EPSS
Exploits1References2
CVE
CVE
added 2018/07/09 6:0 a.m.38 views

CVE-2018-13615

The CVE-2018-13615 entry concerns a smart contract vulnerability in MJCToken (Ethereum). The mintToken function reportedly contains an integer overflow that allows the contract owner to set any user’s balance to an arbitrary value. Connected documents corroborate the core issue (overflow in mintT...

7.5CVSS7.7AI score0.01024EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder