Lucene search
K

115 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

RockyLinux 8 : expat (RLSA-2026:22721)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22721 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the RockyLinux security...

7.5CVSS5.5AI score0.00428EPSS
Exploits1References3
EUVD
EUVD
added 2026/02/25 9:31 p.m.4 views

EUVD-2026-8725

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

6.2CVSS5.4AI score0.00686EPSS
Exploits0References3
NVD
NVD
added 2026/02/25 9:16 p.m.13 views

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

7.2CVSS0.00686EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/25 8:0 p.m.19 views

CVE-2026-22721 VMware Aria Operations privilege escalation vulnerability

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

6.2CVSS0.00686EPSS
Exploits0References2
Circl
Circl
added 2026/02/24 5:42 p.m.5 views

CVE-2026-22721

creationtimestamp| type| source ---|---|--- 2026-02-24 17:42:38+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/vmware-security-advisory-av26-162 2026-02-27 01:02:20+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3mfsj6uh6vs23 2026-03-01 00:05:24+00:00| seen|...

7.2CVSS7.5AI score0.00686EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.10 views

PT-2026-21685

Name of the Vulnerable Software and Affected Versions VMware Aria Operations affected versions not specified Description VMware Aria Operations contains a stored cross-site scripting issue. An attacker with the ability to create custom benchmarks may inject script to perform administrative action...

9CVSS4.8AI score0.00411EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.12 views

PT-2026-21686

Name of the Vulnerable Software and Affected Versions VMware Aria Operations affected versions not specified Description A malicious actor with privileges in vCenter to access VMware Aria Operations may leverage a privilege escalation issue to obtain administrative access in VMware Aria Operation...

7.2CVSS5.2AI score0.00686EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: NULL...

9.8CVSS8.5AI score0.99999EPSS
Exploits8References17
RedhatCVE
RedhatCVE
added 2025/05/23 4:46 a.m.20 views

CVE-2023-22721

Auth. Stored Cross-Site Scripting XSS in Oi Yandex.Maps for WordPress = 3.2.7 versions...

6.5CVSS5.8AI score0.00383EPSS
Exploits0References1
Circl
Circl
added 2025/01/21 5:29 p.m.15 views

CVE-2025-22721

creationtimestamp| type| source ---|---|--- 2025-01-21 17:29:40+00:00| seen| https://infosec.exchange/users/cve/statuses/113867527306183773 2025-01-21 18:16:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbhjgxfwk2s 2025-01-21 19:02:04+00:00|...

4.3CVSS7.8AI score0.00243EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/21 5:21 p.m.29 views

CVE-2025-22721 WordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...

4.3CVSS0.00243EPSS
Exploits0References1
CVE
CVE
added 2025/01/21 5:21 p.m.48 views

CVE-2025-22721

CVE-2025-22721 (ApplyOnline – Application Form Builder and Manager): Missing Authorization vulnerability due to incorrectly configured access control in ApplyOnline. Affected: ApplyOnline – Application Form Builder and Manager, versions n/a through 2.6.7.1. CVSS 3.1 base score 4.3 (Medium). Root ...

4.3CVSS7.2AI score0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/21 5:21 p.m.9 views

CVE-2025-22721 WordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Farhan Noor ApplyOnline apply-online allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline: from n/a through = 2.6.7.1...

4.3CVSS8.6AI score0.00243EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.87 views

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modproxy: X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813 - Apache HTTP Server...

9.1AI score0.90407EPSS
Exploits3References21
Vulnrichment
Vulnrichment
added 2024/04/11 12:0 a.m.16 views

CVE-2024-22721

Cross Site Request Forgery CSRF vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link...

6.9AI score0.00188EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/11 12:0 a.m.16 views

CVE-2024-22721

Cross Site Request Forgery CSRF vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link...

6.8AI score0.00188EPSS
Exploits1References1
CVE
CVE
added 2024/04/11 12:0 a.m.55 views

CVE-2024-22721

Form Tools 3.1.1 suffers a Cross Site Request Forgery (CSRF) vulnerability that lets an attacker manipulate sensitive user data through a crafted link. Root cause: CSRF flaw in the application’s handling of requests. Impact: unauthorized modification of user data. Exploitation details are not ful...

6.3CVSS6.8AI score0.00188EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/04/02 8:15 p.m.18 views

CVE-2024-30343

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS8.1AI score0.00793EPSS
Exploits0References2
CVE
CVE
added 2024/04/02 8:12 p.m.84 views

CVE-2024-30343

CVE-2024-30343 is a Foxit PDF Reader Annotation Use-After-Free Remote Code Execution. The flaw arises from not validating the existence of an object before performing operations on Annotation objects, enabling code execution in the current process when a user opens a malicious file/page or visits...

7.8CVSS8.2AI score0.00793EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/04/02 8:12 p.m.21 views

CVE-2024-30343 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS7.3AI score0.00793EPSS
Exploits0References2
Rows per page
Query Builder