Lucene search
K

1173 matches found

Patchstack
Patchstack
added 3 days ago4 views

WordPress Logo Slider WP – Responsive Logo Carousel, Logo Gallery & Logo Showcase plugin <= 5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Logo Slider versions = 5.5...

6.4CVSS6.1AI score0.00193EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.29 views

CVE-2026-49063 WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

7.3CVSS0.00213EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux-Firmware

Improper input validation in some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before the Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access...

5.5CVSS6.2AI score0.00308EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:26 p.m.7 views

CVE-2021-47970

Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload containing 350000 repeated characters and paste it into a note field to trigger application crash...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/16 3:26 p.m.11 views

CVE-2021-47970 Macaron Notes 5.5 Denial of Service via Buffer Overflow

Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload containing 350000 repeated characters and paste it into a note field to trigger application crash...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/22 7:45 a.m.2 views

CVE-2026-2714 Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting

The Institute Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Enquiry Form Title' setting in all versions up to, and including, 5.5. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5.8AI score0.0029EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010713 advisory. Improper input validation in some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user t...

5.5CVSS6.7AI score0.00308EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010711 advisory. Integer overflow in the firmware for some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privilege...

7.8CVSS6.7AI score0.00359EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/04/14 10:38 a.m.5 views

Security update for sudo

This update for sudo fixes the following issue: CVE-2026-35535: Fixed potential privilege escalation when running the mailer bsc1261420. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

7.5CVSS5.8AI score0.00173EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.9 views

Magic Iso Maker 缓冲区错误漏洞

Magic Iso Maker is a disc imaging tool developed by Magic Iso Corporation. Version 5.5 build 281 of Magic Iso Maker has a buffer error vulnerability. This vulnerability stems from a buffer overflow in the Serial Code registration field, which could allow local attackers to cause the application t...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/25 10:17 p.m.8 views

CVE-2026-22766

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

7.2CVSS5.5AI score0.00698EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 7:31 p.m.4 views

CVE-2026-23858

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection...

5.4CVSS5.9AI score0.00183EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/23 9:25 a.m.25 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for January 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF006. These vulnerabilities have been also adressed in 24.0.1-IF006 and 25.0.0-IF003. Vulnerability Details CVEID:CVE-2018-5711 DESCRIPTION: gdgifin.c in the GD Graphics Library aka libgd, as used in PHP...

8.6CVSS8.6AI score0.13204EPSS
Exploits6Affected Software1
OSV
OSV
added 2026/02/17 8:22 p.m.3 views

CVE-2025-27900

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a...

6.1CVSS5.6AI score0.00137EPSS
Exploits0References1
CVE
CVE
added 2026/02/04 3:11 a.m.12 views

CVE-2026-1791

CVE-2026-1791 concerns Hillstone Networks products: Operation and Maintenance Security Gateway on Linux with vulnerable versions V5.5ST00001B113 and Hillstone Networks Security Gateway V5.5. The flaw is an unrestricted file upload of a dangerous file type, enabling an attacker to upload a web she...

2.7CVSS5.4AI score0.00311EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/20 12:0 a.m.4 views

libraylib550-5.5-2.1 on GA media (moderate)

libraylib550-5.5-2.1 on GA media Announcement ID: openSUSE-SU-2026:10071-1 Rating: moderate Cross-References: CVE-2025-15533 CVE-2025-15534 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

7.8CVSS5.5AI score0.00306EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : mariadb-5.5.47-1.el7 (AXSA:2016-198:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-198:01 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...

7.2CVSS7.3AI score0.30146EPSS
Exploits6References25
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : mysql55-mysql-5.5.52-1.AXS4 (AXSA:2016-715:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-715:03 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...

10CVSS8.2AI score0.6773EPSS
Exploits18References8
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.8 views

MiracleLinux 3 : ruby-1.8.5-5.5 (AXSA:2008-514:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-514:03 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do syste...

7.8CVSS6.8AI score0.95182EPSS
Exploits29References7
RedhatCVE
RedhatCVE
added 2026/01/09 11:36 a.m.4 views

CVE-2021-41838

An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check...

8.2CVSS7.3AI score0.00301EPSS
Exploits0References1
Rows per page
Query Builder