Lucene search
+L

583 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-32478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3...

6.1CVSS6.8AI score0.01157EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/09/06 12:13 a.m.10 views

WordPress SKT Addons for Elementor plugin <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by zer0gh0st in WordPress Plugin SKT Addons for Elementor versions = 3.7...

6.4CVSS5.5AI score0.00216EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/08/21 12:7 p.m.15 views

WordPress Portfolio Manager Pro Plugin 3.8 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Portfolio Manager Pro versions 3.8...

5.9CVSS6.9AI score0.00452EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/08/20 8:3 a.m.6 views

CVE-2025-49409

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brewlabs SensorPress allows Stored XSS. This issue affects SensorPress: from n/a through 1.0...

9.8CVSS5.2AI score0.00452EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/08/20 8:3 a.m.6 views

CVE-2025-49410

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu TC Testimonials allows Stored XSS. This issue affects TC Testimonials: from n/a through 1.1.1...

10CVSS5.2AI score0.00452EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.2 views

CVE-2025-48159 WordPress Youtube Vimeo Video Player and Slider WP Plugin <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Youtube Vimeo Video Player and Slider WP Plugin allows Reflected XSS. This issue affects Youtube Vimeo Video Player and Slider WP Plugin: from n/a through 3.8...

7.1CVSS6.5AI score0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.10 views

CVE-2025-53563 WordPress Youtube Vimeo Video Player and Slider <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Youtube Vimeo Video Player and Slider videoplayeryoutubevimeo allows Reflected XSS.This issue affects Youtube Vimeo Video Player and Slider: from n/a through = 3.8...

7.1CVSS0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.2 views

CVE-2025-53563 WordPress Youtube Vimeo Video Player and Slider <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Youtube Vimeo Video Player and Slider allows Reflected XSS. This issue affects Youtube Vimeo Video Player and Slider: from n/a through 3.8...

7.1CVSS6.5AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.3 views

WordPress plugin Youtube Vimeo Video Player and Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.1CVSS6.1AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 1:51 p.m.5 views

BIT-LIBPYTHON-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...

7.1CVSS7AI score0.06681EPSS
Exploits1References17
OSV
OSV
added 2025/08/11 1:51 p.m.7 views

BIT-LIBPYTHON-2020-8315

In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...

5.5CVSS7.1AI score0.01345EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/11 6:9 a.m.9 views

Security Bulletin: Kafka client library upgraded to kafka-clients-3.9.1

Summary Kafka client library upgraded to kafka-clients-3.9.1. Vulnerability Details CVEID:CVE-2024-31141 DESCRIPTION: Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for...

6.5CVSS6.7AI score0.01129EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2025/08/08 9:48 a.m.103 views

Exploit for Code Injection in Xwiki

PoC for CVE-2025-24893 — XWiki Remote Code Execution Safe PoC...

9.8CVSS8.9AI score0.99898EPSS
Exploits51
OpenVAS
OpenVAS
added 2025/06/12 12:0 a.m.3 views

Mageia: Security Advisory (MGASA-2025-0178)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS7.5AI score0.0066EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2025/06/02 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-99055e8fe5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS5AI score0.0066EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 2:18 a.m.13 views

CVE-2023-51484

Improper Authentication vulnerability in wp-buy Login as User or Customer User Switching allows Privilege Escalation.This issue affects Login as User or Customer User Switching: from n/a through 3.8...

9.8CVSS8.6AI score0.00703EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:21 a.m.7 views

CVE-2022-21487

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

3.8CVSS5.4AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:22 p.m.6 views

CVE-2022-21295

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

3.8CVSS5.5AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:33 p.m.6 views

CVE-2021-32472

Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected...

4.3CVSS6.6AI score0.00761EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:46 p.m.6 views

CVE-2020-6937

A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion...

7.5CVSS7AI score0.01245EPSS
Exploits0References1
Rows per page
Query Builder