Lucene search
K

22 matches found

EUVD
EUVD
added 2026/04/29 10:40 a.m.6 views

EUVD-2026-26214

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StellarWP Image Widget image-widget allows Stored XSS.This issue affects Image Widget: from n/a through = 4.4.11...

5.9CVSS5.2AI score0.00143EPSS
Exploits0References1
OSV
OSV
added 2026/01/16 11:57 a.m.5 views

OESA-2026-1059 wireshark security update

Security Fixes: MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of serviceCVE-2025-13946...

5.5CVSS6.7AI score0.00126EPSS
Exploits1References2
OSV
OSV
added 2026/01/08 3:23 p.m.8 views

CVE-2026-22245 Mastodon has SSRF Protection bypass

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...

7.1CVSS6.2AI score0.00247EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/12/05 12:43 a.m.3 views

SUSE CVE-2025-13946

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service...

5.5CVSS6.8AI score0.00126EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2025/12/04 12:0 a.m.4 views

Wireshark Security Update (wnpa-sec-2025-08) - Mac OS X

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

5.5CVSS6.5AI score0.00126EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/12/04 12:0 a.m.3 views

Wireshark Security Update (wnpa-sec-2025-08) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

5.5CVSS6.5AI score0.00126EPSS
Exploits1References1
CVE
CVE
added 2025/12/03 8:4 a.m.23 views

CVE-2025-13946

Wireshark contains a vulnerability in the MEGACO dissector (CVE-2025-13946): the MEGACO dissector can enter an infinite loop in Wireshark versions 4.6.0–4.6.1 and 4.4.0–4.4.11, enabling denial of service. Public advisories confirm a fix is available in Wireshark 4.4.13 (and related updates across...

5.5CVSS6.4AI score0.00126EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2025/11/24 12:0 a.m.6 views

Wireshark Security Update (wnpa-sec-2025-06) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

7.8CVSS6.5AI score0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-3761

Malicious code in bioql PyPI...

5.3CVSS8.9AI score0.00492EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.10 views

Joomla! 4.x < 4.4.11 SQL injection

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.4.11 or 5.x prior to 5.2.4. It is, therefore, affected by a SQL injection vulnerability in the backend task list of comscheduler due to improperly built order clauses. Note that the...

6.7CVSS8.2AI score0.00415EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.2 views

WordPress Paytium plugin <= 4.4.11 - Full Path Disclosure (FPD) vulnerability

Full Path Disclosure FPD vulnerability discovered by Fariq Fadillah Gusti Insani in WordPress Plugin Paytium versions = 4.4.11...

5.3CVSS7AI score0.00492EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.4 views

PT-2025-5400 · Paytium · Paytium

Name of the Vulnerable Software and Affected Versions: Paytium versions through 4.4.11 Description: The issue allows retrieval of embedded sensitive data due to the generation of error messages containing sensitive information. Recommendations: For versions through 4.4.11, update to a version tha...

5.3CVSS6.9AI score0.00492EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/31 12:0 a.m.5 views

PT-2024-34811 · Paytium · Paytium

Name of the Vulnerable Software and Affected Versions: Paytium versions prior to 4.4.11 Description: A Missing Authorization vulnerability exists in Paytium by David de Boer. This issue allows for unauthorized access. Recommendations: For versions prior to 4.4.11, update to version 4.4.11 or late...

4.3CVSS7.2AI score0.0031EPSS
Exploits0References6
OSV
OSV
added 2024/09/18 4:8 a.m.21 views

RHBA-2020:2785 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.4.11 packages update

Bulletin has no description...

7.5CVSS6.5AI score0.02836EPSS
Exploits1References12
OpenVAS
OpenVAS
added 2022/04/13 12:0 a.m.16 views

MongoDB DoS Vulnerability (SERVER-58203, SERVER-59299, SERVER-60218) - Linux

MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...

7.5CVSS7.5AI score0.0197EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2022/04/12 2:15 p.m.46 views

CVE-2021-32040

Removed by vendor...

7.5CVSS7.7AI score0.0197EPSS
Exploits0
Prion
Prion
added 2021/09/18 4:15 p.m.18 views

Design/Logic Flaw

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

7.5CVSS9.4AI score0.01033EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/06 8:16 p.m.5 views

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.4.11 packages update

Red Hat OpenShift Container Platform release 4.4.11 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

7.5CVSS6.6AI score0.02836EPSS
Exploits1References1
NVD
NVD
added 2017/04/12 10:59 p.m.16 views

CVE-2016-2803

Cross-site scripting XSS vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6AI score0.01483EPSS
Exploits0References4
CNVD
CNVD
added 2016/05/18 12:0 a.m.5 views

Bugzilla cross-site scripting vulnerability (CNVD-2016-03322)

Bugzilla is the United States Mozilla Foundation developed a set of open-source defect tracking system , it can manage software development defects in the submission new, repair resolve, close close and so on the entire life cycle . A cross-site scripting vulnerability exists in Bugzilla versions...

6.1CVSS6AI score0.01483EPSS
Exploits0References1
Rows per page
Query Builder