9 matches found
CVE-2025-15109
creationtimestamp | type | source
---|---|---
2025-12-27 21:55:09+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/115793756779838951
2025-12-27 22:27:48+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mayu4jubad2g...
CVE-2025-15109 jackq XCMS upload.php unrestricted upload
A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...
CVE-2025-15109
CVE-2025-15109 concerns jackq XCMS up to build 3fab5342cc509945a7ce1b8ec39d19f701b89261, where the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php contains a flaw that allows unrestricted file upload. The vulnerability can be triggered remotely and is supported by multiple source...
CVE-2017-15109
...
Out-of-bounds
A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The VCRUNTIME140.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted CGM files. An attacker could leverage this...
CVE-2021-44015
Siemens JT2Go and Teamcenter Visualization are affected. Vulnerability CVE-2021-44015 is an out-of-bounds read in CGM file parsing that can leak information via VCRUNTIME140.dll; root cause is improper validation while parsing specially crafted CGM files. Impact is information disclosure within t...
CVE-2020-15109
Summary: CVE-2020-15109 affects Solidus before 2.8.6, 2.9.6, and 2.10.2, enabling a malicious customer to change the current order’s address via crafted checkout data without updating shipment costs, impacting stores with at least two shipping zones and varying zone costs. Root cause: the checkou...
CVE-2019-15109
The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribe_paged URL parameter...
CVE-2019-15109
The CVE-2019-15109 entry relates to WordPress plugin The Events Calendar (prior to version 4.8.2) and is caused by an XSS flaw in the tribe_paged URL parameter. Exploitation could enable client-side code execution. Affected software is the Events Calendar plugin for WordPress; vulnerable componen...