Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-25707

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to...

8.8CVSS6AI score0.006EPSS
Exploits0References3
Circl
Circl
added 6 days ago7 views

CVE-2026-25707

creationtimestamp| type| source ---|---|--- 2026-06-29 11:15:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpgeejxf3d2y 2026-06-29 12:41:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgj6gnudt2t 2026-06-29 20:47:44+00:00| seen|...

8.8CVSS5.8AI score0.006EPSS
Exploits0References4
OSV
OSV
added 6 days ago4 views

DEBIAN-CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

8.8CVSS5.8AI score0.006EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

SUSE SLED15: libsolv-devel / libsolv-tools / libsolv-tools-base / libzypp / etc (SUSE-SU-2026:2531-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2531-1 advisory. This update for libsolv, libzypp, zypper fixes the following issues - CVE-2026-9149: Heap buffer overflow in...

8.8CVSS6.3AI score0.006EPSS
Exploits0References36
SUSE CVE
SUSE CVE
added 2026/05/29 1:22 a.m.16 views

SUSE CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

7.4CVSS5.8AI score0.006EPSS
Exploits0References12
Circl
Circl
added 2026/04/12 4:16 a.m.5 views

CVE-2019-25707

creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:33+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25707 2026-04-12 14:50:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjclxs2ktc2g...

7.1CVSS5.7AI score0.00269EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-25707

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-2891 CVE-2020-25707 Note that Nessus relies on the presence...

7.1CVSS6.9AI score0.01195EPSS
Exploits0References1
OSV
OSV
added 2024/10/04 6:15 p.m.2 views

CVE-2024-25707

There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...

4.8CVSS5.6AI score
Exploits0References1
NVD
NVD
added 2024/10/04 6:15 p.m.35 views

CVE-2024-25707

There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...

4.8CVSS0.00329EPSS
Exploits0References1
CVE
CVE
added 2024/10/04 5:16 p.m.64 views

CVE-2024-25707

CVE-2024-25707 is a reflected cross-site scripting vulnerability in Esri Portal for ArcGIS 11.1 and earlier. The issue allows an authenticated user with administrative privileges to supply a crafted string that could cause arbitrary JavaScript execution in their own browser (Self XSS). The vulner...

4.8CVSS5.5AI score0.00329EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/04 5:16 p.m.16 views

CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS

There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...

4.8CVSS6.5AI score0.00329EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/04 5:16 p.m.27 views

CVE-2024-25707 BUG-000160241 - Reflected XSS in Portal for ArcGIS

There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...

4.8CVSS0.00329EPSS
Exploits0References1
Circl
Circl
added 2023/05/23 4:25 p.m.6 views

CVE-2023-25707

creationtimestamp| type| source ---|---|--- 2023-05-23 16:25:17+00:00| seen| https://t.me/cibsecurity/64620...

8.8CVSS8.6AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2023/05/23 1:15 p.m.16 views

CVE-2023-25707

Cross-Site Request Forgery CSRF vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.12 versions...

8.8CVSS7.1AI score0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/23 12:36 p.m.7 views

CVE-2023-25707 WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.12 versions...

6.3CVSS7AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 2023/05/23 12:36 p.m.50 views

CVE-2023-25707

CVE-2023-25707: Cross-Site Request Forgery in the VikBooking Hotel Booking Engine & PMS WordPress plugin (versions

8.8CVSS7.5AI score0.00232EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/23 12:36 p.m.19 views

CVE-2023-25707 WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.12 versions...

6.3CVSS9AI score0.00232EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/02/15 12:0 a.m.9 views

WordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)

Software VikBooking Hotel Booking Engine & PMS Type Plugin Vulnerable versions = 1.5.12 Fixed in 1.6.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25707 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 425db90a957f...

8.8CVSS6.6AI score0.00232EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2021/08/04 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:14772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6.9AI score0.00463EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.30 views

openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1942-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.7AI score0.05447EPSS
Exploits3References2
Rows per page
Query Builder