Lucene search
K

18 matches found

vulnersOsv
vulnersOsv
added 2026/03/11 12:21 a.m.6 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-30972 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-30972 Source advisory: OSV:GHSA-775H-3XRC-C228...

7.5CVSS5.8AI score0.00342EPSS
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-30972 Malicious code in pywebqq (npm)

The package pywebqq was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/29 12:6 p.m.8 views

CVE-2025-30972

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through = 1.1.7...

7.1CVSS5.9AI score0.00215EPSS
Exploits0References1
Circl
Circl
added 2025/06/27 1:50 p.m.4 views

CVE-2025-30972

creationtimestamp| type| source ---|---|--- 2025-06-27 13:50:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19711...

7.1CVSS4.8AI score0.00215EPSS
Exploits0References1
NVD
NVD
added 2025/06/27 12:15 p.m.5 views

CVE-2025-30972

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through = 1.1.7...

7.1CVSS0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 11:52 a.m.11 views

CVE-2025-30972 WordPress Woocommerce Line Notify plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iamapinan Woocommerce Line Notify woo-line-notify allows Stored XSS.This issue affects Woocommerce Line Notify: from n/a through = 1.1.7...

7.1CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 11:52 a.m.20 views

CVE-2025-30972

CVE-2025-30972 affects the WordPress plugin WooCommerce Line Notify . The issue is a Stored XSS caused by improper neutralization of input during web page generation. Affected versions are listed as from n/a through 1.1.7 . The connected documents confirm the vulnerability title, affected product...

7.1CVSS5.9AI score0.00215EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/18 12:28 p.m.8 views

WordPress Woocommerce Line Notify plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by LVT-tholv2k in WordPress Plugin Woocommerce Line Notify versions = 1.1.7...

7.1CVSS6AI score0.00215EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 7:2 p.m.5 views

CVE-2021-30972

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-001 Catalina, macOS Big Sur 11.6.3. A malicious application may be able to bypass certain Privacy preferences...

5.5CVSS5.8AI score0.00316EPSS
Exploits0References1
Circl
Circl
added 2022/05/17 6:27 p.m.7 views

CVE-2022-30972

creationtimestamp| type| source ---|---|--- 2022-05-17 18:27:56+00:00| seen| https://t.me/cibsecurity/42825 2025-11-03 17:08:45+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m4qj3kinrq62...

8.8CVSS8.1AI score0.00625EPSS
Exploits0References2
NVD
NVD
added 2022/05/17 3:15 p.m.20 views

CVE-2022-30972

A cross-site request forgery CSRF vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file e.g., archived artifacts that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery...

8.8CVSS0.00625EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/17 2:6 p.m.24 views

CVE-2022-30972

A cross-site request forgery CSRF vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file e.g., archived artifacts that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery...

8.9AI score0.00625EPSS
Exploits0References1
CVE
CVE
added 2022/05/17 2:6 p.m.101 views

CVE-2022-30972

CVE-2022-30972 affects Jenkins Storable Configs Plugin 1.0 and earlier. The vulnerability arises because the XML parser is not configured to prevent XML external entity (XXE) attacks, allowing an attacker to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entitie...

8.8CVSS8.5AI score0.00625EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2022/01/31 12:0 a.m.29 views

Apple Mac OS X Security Update (HT213055)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.11638EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/31 12:0 a.m.31 views

Apple Mac OS X Security Update (HT213056)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.6AI score0.01688EPSS
Exploits0References1
Apple
Apple
added 2022/01/26 12:0 a.m.43 views

About the security content of Security Update 2022-001 Catalina

About the security content of Security Update 2022-001 Catalina This document describes the security content of Security Update 2022-001 Catalina. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...

9.3CVSS8.3AI score0.01688EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/24 6:51 p.m.76 views

CVE-2021-30972

CVE-2021-30972 is a TCC privacy-bypass issue affecting macOS Big Sur 11.x and macOS Catalina. It could allow a malicious local app to bypass certain Privacy preferences. It was fixed in Security Update 2022-001 for Catalina and Big Sur 11.6.3, per Apple advisories and the HTC/NESSUS entries refer...

5.5CVSS5.6AI score0.00316EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/08/24 6:51 p.m.24 views

CVE-2021-30972

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-001 Catalina, macOS Big Sur 11.6.3. A malicious application may be able to bypass certain Privacy preferences...

6.3AI score0.00316EPSS
Exploits0References3
Rows per page
Query Builder