CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Circl•added 2025/05/29 8:5 p.m.•8 views

CVE-2025-48336

creationtimestamp| type| source ---|---|--- 2025-05-29 20:05:22+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqdjbzzqipt2 2025-05-29 21:07:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqdmrjwie627...

9.8CVSS7AI score0.00369EPSS

Exploits0References2

Cvelist•added 2025/05/29 6:54 p.m.•20 views

CVE-2025-48336 WordPress Course Builder < 3.6.6 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in ThimPress Course Builder course-builder allows Object Injection.This issue affects Course Builder: from n/a through 3.6.6...

9.8CVSS0.00369EPSS

Exploits0References1

Patchstack•added 2025/05/29 12:0 a.m.•9 views

WordPress Course Builder Theme < 3.6.6 is vulnerable to PHP Object Injection

Software Course Builder Type Theme Vulnerable versions 3.6.6 Fixed in 3.6.6 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2025-48336 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 330f3e0387ca Credits Annn Required privilege Unauthenticated...

9.8CVSS9.6AI score0.00369EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 7:30 a.m.•6 views

CVE-2024-48336

The install function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privileges to silently execute arbitrary code in the Magisk app and escalate privileges to root via a craft...

8.4CVSS7.6AI score0.16591EPSS

Exploits1References1

Circl•added 2024/11/04 8:17 p.m.•2 views

CVE-2024-48336

creationtimestamp| type| source ---|---|--- 2024-11-04 20:17:53+00:00| seen| https://t.me/cvedetector/9770 2024-11-05 03:02:16+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8949 2024-11-05 20:57:54+00:00| published-proof-of-concept| https://t.me/HackerArsenal/688...

8.4CVSS4.8AI score0.16591EPSS

Exploits1References3

CVE•added 2023/11/30 10:36 a.m.•74 views

CVE-2023-48336

CVE-2023-48336 (Easy Social Icons) affects WordPress plugin Easy Social Icons (versions

6.5CVSS6.7AI score0.00181EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/30 10:36 a.m.•22 views

CVE-2023-48336 WordPress Easy Social Icons Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4...

6.5CVSS6.6AI score0.00181EPSS

Exploits0References1

Circl•added 2023/06/26 8:55 p.m.•2 views

CVE-2022-48336

creationtimestamp| type| source ---|---|--- 2023-06-26 20:55:05+00:00| seen| https://t.me/cibsecurity/65521...

9.8CVSS8.7AI score0.00189EPSS

Exploits1References1

ATTACKERKB•added 2023/06/26 5:15 p.m.•3 views

CVE-2022-48336

Widevine Trusted Application TA 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow...

9.8CVSS7.8AI score0.00189EPSS

Exploits1References2

CVE•added 2023/06/26 12:0 a.m.•47 views

CVE-2022-48336

The vulnerability CVE-2022-48336 affects the Widevine Trusted Application (TA) versions 5.0.0 through 7.1.1. The issue is an integer overflow in the PRDiagParseAndStoreData function, which leads to a buffer overflow. Connected sources confirm the affected component and the root cause, with no pub...

9.8CVSS9.6AI score0.00189EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by