Lucene search
K

137 matches found

CVE
CVE
added 2026/04/14 1:56 p.m.10 views

CVE-2026-4344

CVE-2026-4344 describes a Stored XSS vulnerability in the Autodesk Fusion desktop application. A malicious HTML payload in the component name, when shown in a delete confirmation dialog and clicked by a user, can execute script in the user’s context. The CVE notes potential to read local files or...

7.1CVSS6.1AI score0.00204EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/01/23 2:29 p.m.4 views

EUVD-2026-4344

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jagdish1o1 Delay Redirects delay-redirects allows DOM-Based XSS.This issue affects Delay Redirects: from n/a through = 1.0.0...

5.9CVSS5.4AI score0.0014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.415.AXS4.4 (AXSA:2014-016:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-016:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

7.2CVSS7.6AI score0.00434EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:55 a.m.10 views

CVE-2018-4344

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

9.3CVSS6.5AI score0.02939EPSS
Exploits0References1
Circl
Circl
added 2025/05/06 10:21 a.m.15 views

CVE-2025-4344

creationtimestamp| type| source ---|---|--- 2025-05-06 10:21:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15082 2025-05-06 10:36:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loiorxphbp2j 2025-05-06 12:31:16+00:00| published-proof-of-concept|...

9.8CVSS8.1AI score0.00981EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/06 9:31 a.m.7 views

CVE-2025-4344 D-Link DIR-600L formLogin buffer overflow

A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no...

9CVSS7.1AI score0.00981EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/06/03 12:0 a.m.8 views

WordPress Shield Security Plugin <= 19.1.10 is vulnerable to Cross Site Request Forgery (CSRF)

Software Shield Security Type Plugin Vulnerable versions = 19.1.10 Fixed in 19.1.11 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4344 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cbf7668e1a87 Credits Christian Angel...

4.3CVSS6.6AI score0.00219EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/06/02 5:15 a.m.15 views

CVE-2024-4344

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 19.1.13. This is due to missing or incorrect nonce validation on the exec function. This makes it possible for...

4.3CVSS4.7AI score0.00219EPSS
Exploits0References3
CVE
CVE
added 2024/06/02 4:30 a.m.25 views

CVE-2024-4344

CVE-2024-4344 concerns the Shield Security – Smart Bot Blocking & Intrusion Prevention Security WordPress plugin. It is vulnerable to Cross-Site Request Forgery in all versions up to and including 19.1.13. The root cause is missing or incorrect nonce validation on the exec function, enabling unau...

4.3CVSS4.6AI score0.00219EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/02 4:30 a.m.11 views

CVE-2024-4344 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 19.1.13. This is due to missing or incorrect nonce validation on the exec function. This makes it possible for...

4.3CVSS6.4AI score0.00219EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2023/10/21 4:35 p.m.31 views

Advisory ROSA-SA-2023-2257

Software: wireshark 4.0.5 OS: ROSA-CHROME packageevrstring: wireshark-4.0.5-1.src.rpm CVE-ID: CVE-2022-4344 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A memory shortage in the Kafka protocol dissector in Wireshark versions 4.0.0.0-4.0.1 and 3.6.0-3.6.9 allows denial of service via packet injection ...

7.5CVSS8.8AI score0.0462EPSS
Exploits3
CBLMariner
CBLMariner
added 2023/09/28 11:57 a.m.18 views

CVE-2022-4344 affecting package wireshark for versions less than 4.0.8-1

CVE-2022-4344 affecting package wireshark for versions less than 4.0.8-1. An upgraded version of the package is available that resolves this issue...

6.3CVSS5.7AI score0.00569EPSS
Exploits0
NVD
NVD
added 2023/08/15 7:15 p.m.29 views

CVE-2023-4344

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection...

9.8CVSS9.5AI score0.00588EPSS
Exploits0References2
CVE
CVE
added 2023/08/15 6:25 p.m.38 views

CVE-2023-4344

Summary: CVE-2023-4344 affects the Broadcom RAID Controller web interface, where the vulnerability stems from insufficient randomness due to improper use of ssl.rnd to set up CIM connections. Affected product/where it’s exposed: Broadcom RAID Controller web interface (Broadcom RAID Controller fam...

9.8CVSS9.6AI score0.00588EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/06/07 2:15 a.m.4 views

CVE-2021-4344

The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 18.2. This is due to lacking mishandling the use of user IDs that is accessible by the visitor. This makes it possible for unauthenticated or authenticated attackers to access th...

5.4CVSS5.8AI score0.00467EPSS
Exploits1References2
CVE
CVE
added 2023/06/07 1:51 a.m.42 views

CVE-2021-4344

Summary (CVE-2021-4344): The WordPress plugin Frontend File Manager up to version 18.2 is vulnerable to a privilege escalation due to improper handling of user IDs accessible by visitors. This can allow unauthenticated or authenticated attackers to access information and privileges of other users...

6.4CVSS5.3AI score0.00467EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.10 views

CVE-2021-4344 Frontend File Manager <= 18.2 - Privilege Escalation

The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 18.2. This is due to lacking mishandling the use of user IDs that is accessible by the visitor. This makes it possible for unauthenticated or authenticated attackers to access th...

6.4CVSS6.1AI score0.00467EPSS
Exploits1References2
Amazon
Amazon
added 2023/06/07 12:0 a.m.6 views

Medium: wireshark

Issue Overview: RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file CVE-2023-1992 LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or...

7.5CVSS6.6AI score0.0462EPSS
Exploits3
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.44 views

K15561: Kerberos vulnerability CVE-2014-4344

Security Advisory Description The accctxcont function in the SPNEGO acceptor in lib/gssapi/spnego/spnegomech.c in MIT Kerberos 5 aka krb5 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty continuatio...

7.8CVSS7.8AI score0.06614EPSS
Exploits0Affected Software3
SUSE CVE
SUSE CVE
added 2023/02/15 5:3 a.m.2 views

SUSE CVE-2016-4344

Integer overflow in the xmlutf8encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8encode function, leading to a heap-based buffer overflow...

9.8CVSS8.8AI score0.05175EPSS
Exploits1References5
Rows per page
Query Builder