
33 matches found

Tenable Nessus
added 2026/01/19 12:0 a.m., 5 views

MiracleLinux 8 : gfbgraph-0.2.4-1.el8.ML.1 (AXSA:2022-3332:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3332:02 advisory. gfbgraph: missing TLS certificate verification (CVE-2021-39358). Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVSS 5.9, AI score 5.6, EPSS 0.00708
Exploits: 0, References: 2
EUVD
added 2025/11/10 4:5 a.m., 1 views

EUVD-2025-39358

Malicious code in tuti-telur51-breki npm...

AI score 6.6
Exploits: 0
OSV
added 2025/08/14 6:52 p.m., 0 views

MAL-2025-39358 Malicious code in wisp-xanadu-nqk291-project (npm)

The package wisp-xanadu-nqk291-project was found to contain malicious code...

AI score 7.2
Exploits: 0
RedhatCVE
added 2025/06/08 11:58 a.m., 5 views

CVE-2025-39358

Deserialization of Untrusted Data vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Object Injection. This issue affects WP Posts Carousel: from n/a through <= 1.3.12...

CVSS 8.8, AI score 5.9, EPSS 0.00372
Exploits: 0, References: 1
Circl
added 2025/06/06 1:3 p.m., 3 views

CVE-2025-39358

creationtimestamp| type| source ---|---|--- 2025-06-06 13:03:17+00:00| seen| Telegram/i7ycyjcFtJ3ktfeH7GOJEagrL0owek2QcrSXVF3atIap0...

CVSS 8.8, AI score 4.8, EPSS 0.00372
Exploits: 0
CVE
added 2025/06/06 11:47 a.m., 38 views

CVE-2025-39358

CVE-2025-39358 affects WordPress plugin WP Posts Carousel (versions up to and including 1.3.12). The vulnerability is Deserialization of Untrusted Data leading to PHP Object Injection, reported for authenticated contexts (Contributor+). Patchstack and CVE records indicate the issue is fixed in ve...

CVSS 8.8, AI score 5.9, EPSS 0.00372
Exploits: 0, References: 1
Patchstack
added 2025/05/29 12:38 p.m., 7 views

WordPress WP Posts Carousel <= 1.3.12 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by astra.r3verii Patchstack Alliance in WordPress Plugin WP Posts Carousel versions <= 1.3.12...

CVSS 8.8, AI score 7, EPSS 0.00372
Exploits: 0, Affected Software: 1
RedhatCVE
added 2025/05/22 10:6 p.m., 11 views

CVE-2022-39358

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, and 1.42.6, it was possible to circumvent locked parameters when requesting data for a question in an embedded dashboard by constructing a malicious request to the backend. This issue is patched in...

CVSS 6.5, AI score 6.7, EPSS 0.00439
Exploits: 0, References: 1
Tenable Nessus
added 2025/03/05 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2021-39358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users...

CVSS 5.9, AI score 5.8, EPSS 0.00708
Exploits: 0, References: 3
Vulnrichment
added 2025/01/14 2:21 p.m., 8 views

CVE-2024-39358

A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVSS 9.1, AI score 7.1, EPSS 0.01805
Exploits: 1, References: 1
Talos
added 2025/01/14 12:0 a.m., 9 views

Wavlink AC3000 adm.cgi set_wzdap() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2027: Wavlink AC3000 adm.cgi setwzdap buffer overflow vulnerability. January 14, 2025. CVE Number: CVE-2024-39358. Summary: A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

CVSS 9.1, AI score 7.8, EPSS 0.01805
Exploits: 1
CNVD
added 2024/09/18 12:0 a.m., 7 views

Unspecified vulnerability in Linux kernel (CNVD-2024-39358)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from a null pointer dereference. No details of the vulnerability are provided at this time...

CVSS 4.7, AI score 6.5, EPSS 0.00209
Exploits: 0, References: 1
Tenable Nessus
added 2023/11/06 12:0 a.m., 25 views

Rocky Linux 8 : gfbgraph (RLSA-2022:1801)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1801 advisory. - In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users...

CVSS 5.9, AI score 6.3, EPSS 0.00708
Exploits: 0, References: 3
OpenVAS
added 2023/11/05 12:0 a.m., 25 views

Fedora: Security Advisory (FEDORA-2023-248dff7cbe)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 6.5, EPSS 0.87575
Exploits: 24, References: 21
OpenVAS
added 2023/10/16 12:0 a.m., 20 views

Fedora: Security Advisory for cacti (FEDORA-2023-6335ea9c0c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 7.5, EPSS 0.87575
Exploits: 24, References: 2
OpenVAS
added 2023/10/16 12:0 a.m., 20 views

Fedora: Security Advisory for cacti (FEDORA-2023-06a2a6e03c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 7.5, EPSS 0.87575
Exploits: 24, References: 2
OpenVAS
added 2023/10/16 12:0 a.m., 68 views

Fedora: Security Advisory for cacti-spine (FEDORA-2023-06a2a6e03c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 7.5, EPSS 0.87575
Exploits: 24, References: 2
Cvelist
added 2022/10/26 12:0 a.m., 29 views

CVE-2022-39358 Metabase vulnerable to circumvention of Locked parameter in Signed Embedding

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, and 1.42.6, it was possible to circumvent locked parameters when requesting data for a question in an embedded dashboard by constructing a malicious request to the backend. This issue is patched in...

CVSS 6.5, AI score 6.5, EPSS 0.00439
Exploits: 0, References: 1
CVE
added 2022/10/26 12:0 a.m., 78 views

CVE-2022-39358

Metabase is vulnerable to a parameter-control bypass in embedded dashboards: a remote attacker can craft a malicious request to the backend to circumvent locked parameters when requesting data for a question. The issue affects Metabase versions prior to 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, and...

CVSS 6.5, AI score 6.3, EPSS 0.00439
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2022/09/23 11:4 a.m., 3 views

OESA-2022-1937 gfbgraph security update

GLib/GObject wrapper for the Facebook Graph API that integrates with GNOME Online Accounts. Security Fixes: In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks...

CVSS 5.9, AI score 6.9, EPSS 0.00708
Exploits: 0, References: 2