Lucene search
K

84 matches found

OSV
OSV
added 2026/05/10 8:16 p.m.6 views

MINI-8VQV-636M-2224

Bulletin has no description...

7.5CVSS5.7AI score0.00784EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.4.20 jenkins-2-plugins (RHSA-2020:3625)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3625 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

6.5CVSS5.7AI score0.01087EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.8 views

AlmaLinux 9 : keylime (ALSA-2026:2224)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2224 advisory. keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication CVE-2026-1709 Tenable has...

9.8CVSS5.9AI score0.05431EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/09 12:0 a.m.4 views

Oracle Linux 9 : keylime (ELSA-2026-2224)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2224 advisory. 7.12.1-11.4 - CVE-2026-1709: Registrar authentication bypass Resolves: RHEL-145390 Tenable has extracted the preceding description block directly from the Oracl...

9.8CVSS5.9AI score0.05431EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 4:1 p.m.8 views

EUVD-2026-2224

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...

7.5CVSS6.6AI score0.01064EPSS
Exploits0References14
NVD
NVD
added 2025/03/25 6:15 a.m.21 views

CVE-2025-2224

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parsequery' function in all versions up to, and including, 8.2. This makes it possible fo...

5.3CVSS0.00388EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/25 5:22 a.m.20 views

CVE-2025-2224 Directorist <= 8.2 - Missing Authorization to Unauthenticated Arbitrary Post Publishing

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parsequery' function in all versions up to, and including, 8.2. This makes it possible fo...

5.3CVSS0.00388EPSS
Exploits0References5
CVE
CVE
added 2025/03/25 5:22 a.m.79 views

CVE-2025-2224

CVE-2025-2224 affects Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings for WordPress. The vulnerability arises from a missing capability check in the parse_query function, allowing unauthenticated attackers to update the post_status of any post to 'publish' across al...

5.3CVSS6.8AI score0.00388EPSS
Exploits0References5
Circl
Circl
added 2025/01/08 4:20 p.m.8 views

CVE-2023-2224

creationtimestamp| type| source ---|---|--- 2025-01-08 16:20:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/727...

4.8CVSS6.5AI score0.00909EPSS
Exploits3References1
NVD
NVD
added 2024/04/09 1:15 p.m.8 views

CVE-2024-2224

Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...

9.8CVSS8.3AI score0.00731EPSS
Exploits0References1
CVE
CVE
added 2024/04/09 1:1 p.m.87 views

CVE-2024-2224

CVE-2024-2224 affects Bitdefender GravityZone UpdateServer and related products: Linux endpoint 7.0.5.200089, Windows endpoint 7.9.9.380, GravityZone Control Center On Premises 6.36.1. The issue is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the UpdateServer...

9.8CVSS8.3AI score0.00731EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/04/09 1:1 p.m.14 views

CVE-2024-2224 Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466)

Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...

8.1CVSS7.8AI score0.00731EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/07/25 12:0 a.m.450 views

WordPress Seo By 10Web Cross Site Scripting

Tittle: WordPress Plugin Seo By 10Web 4. Save to trigger the XSS. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/a76b6d22-1e00-428a-8a04-12162bd0d992...

4.8CVSS7.1AI score0.00909EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/06/22 12:0 a.m.42 views

openSUSE 15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2023:2224-2)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2224-2 advisory. This update for curl adds the following feature: Update to version 8.0.1 jscPED-2580 - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check...

7.5CVSS6.7AI score0.02658EPSS
Exploits4References13
OpenVAS
OpenVAS
added 2023/06/12 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-2224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.01431EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/05 1:39 p.m.13 views

CVE-2023-2224 Seo By 10Web < 1.2.7 - Admin+ Stored XSS

The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00909EPSS
Exploits3References2
CVE
CVE
added 2023/06/05 1:39 p.m.98 views

CVE-2023-2224

The SEO by 10Web WordPress plugin before 1.2.7 is vulnerable to Stored XSS due to insufficient sanitisation/escaping of settings. High-privilege users (admin) could exploit this—even when unfiltered_html is disallowed in multisite environments. Affected versions:

4.8CVSS4.8AI score0.00909EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2023/06/05 1:39 p.m.30 views

CVE-2023-2224 Seo By 10Web < 1.2.7 - Admin+ Stored XSS

The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.9AI score0.00909EPSS
Exploits3References2
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.21 views

WordPress Seo By 10Web Plugin < 1.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Seo By 10Web Type Plugin Vulnerable versions 1.2.7 Fixed in 1.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2224 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7380d78d51b0 Credits Taurus Omar Required privileg...

4.8CVSS5.7AI score0.00909EPSS
Exploits3References3Affected Software1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.13 views

Debian: Security Advisory (DLA-561-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.02797EPSS
Exploits0References3
Rows per page
Query Builder