Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

44 matches found

OSV
OSVadded 2 days ago3 views

MINI-5956-HHXH-CJJC

Bulletin has no description...

6.3CVSS5.7AI score0.00034EPSS
Exploits0
OSV
OSVadded 2026/04/11 8:18 p.m.0 views

MINI-3MGC-5956-X8M9

Bulletin has no description...

6.1CVSS5.7AI score0.00011EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : git-lfs-3.2.0-2.el8 (AXSA:2023-5956:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5956:02 advisory. golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: regexp/syntax: limit memory used by...

7.5CVSS7.7AI score0.00331EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/07/06 2:18 a.m.5 views

CVE-2025-5956

The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajaxdeleteemployee function in versions 2.0.0 through 2.2.17. The plugin’s deletion handler reads the client-supplied $POST'delete' array and passes each ID...

8.1CVSS6.3AI score0.00165EPSS
Exploits0References1
NVD
NVDadded 2025/07/04 3:15 a.m.3 views

CVE-2025-5956

The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajaxdeleteemployee function in versions 2.0.0 through 2.2.17. The plugin’s deletion handler reads the client-supplied $POST'delete' array and passes each ID...

8.1CVSS0.00165EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/07/04 1:44 a.m.9 views

CVE-2025-5956 WP Human Resource Management 2.0.0 - 2.2.17 - Missing Authorization to Authenticated (Employee+) Arbitrary User Deletion via ajax_delete_employee Function

The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajaxdeleteemployee function in versions 2.0.0 through 2.2.17. The plugin’s deletion handler reads the client-supplied $POST'delete' array and passes each ID...

6.5CVSS0.00165EPSS
Exploits0References3
CVE
CVEadded 2025/07/04 1:44 a.m.22 views

CVE-2025-5956

CVE-2025-5956 concerns the WordPress plugin WP Human Resource Management (versions 2.0.0–2.2.17). The root cause is missing authorization in the ajax_delete_employee() handler, which reads $_POST['delete'] and passes IDs to wp_delete_user() without verifying delete_users capability or restricting...

8.1CVSS6.3AI score0.00165EPSS
Exploits0References3Affected Software1
Patchstack
Patchstackadded 2025/07/03 11:14 p.m.6 views

WordPress WP Human Resource Management plugin 2.0.0-2.2.17 - Missing Authorization to Authenticated (Employee+) Arbitrary User Deletion vulnerability

Missing Authorization to Authenticated Employee+ Arbitrary User Deletion vulnerability discovered by kr0d in WordPress Plugin WP Human Resource Management versions 2.0.0-2.2.17...

8.1CVSS6.8AI score0.00165EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2025/07/03 12:0 a.m.2 views

DSA-5956-1 ring - security update

Bulletin has no description...

7.5CVSS7.3AI score0.00537EPSS
Exploits1
Circl
Circladded 2024/09/05 1:50 p.m.0 views

CVE-2024-5956

creationtimestamp| type| source ---|---|--- 2024-09-05 13:50:19+00:00| seen| https://t.me/cvedetector/4900...

6.5CVSS4.8AI score0.00107EPSS
Exploits0References1
NVD
NVDadded 2024/09/05 11:15 a.m.12 views

CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...

6.5CVSS0.00107EPSS
Exploits0References1
OSV
OSVadded 2024/06/06 12:23 p.m.7 views

CGA-4WW9-G958-5956

Bulletin has no description...

7.5CVSS8.3AI score0.64852EPSS
Exploits1
Patchstack
Patchstackadded 2024/01/31 12:0 a.m.9 views

WordPress Wp-Adv-Quiz Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Wp-Adv-Quiz Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5956 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bf0336ffbf73 Credits Bob Matyas Required privilege...

4.8CVSS5.8AI score0.00081EPSS
Exploits2References4Affected Software1
Circl
Circladded 2024/01/29 4:26 p.m.0 views

CVE-2023-5956

creationtimestamp| type| source ---|---|--- 2024-01-29 16:26:17+00:00| seen| https://t.me/ctinow/175363 2024-02-03 08:16:26+00:00| seen| https://t.me/ctinow/178427 2024-02-21 16:41:29+00:00| seen| https://t.me/ctinow/189752 2025-06-09 21:32:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17...

4.8CVSS4.9AI score0.00081EPSS
Exploits2References4
Cvelist
Cvelistadded 2024/01/29 2:44 p.m.18 views

CVE-2023-5956 Wp-Adv-Quiz <= 1.0.2 - Admin+ Stored XSS in Quiz Overview

The Wp-Adv-Quiz WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5AI score0.00081EPSS
Exploits2References1
CVE
CVEadded 2024/01/29 2:44 p.m.42 views

CVE-2023-5956

CVE-2023-5956 affects the WordPress plugin Wp-Adv-Quiz (versions up to 1.0.2; some sources indicate

4.8CVSS4.7AI score0.00081EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/01/29 2:44 p.m.5 views

CVE-2023-5956 Wp-Adv-Quiz <= 1.0.2 - Admin+ Stored XSS in Quiz Overview

The Wp-Adv-Quiz WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.6AI score0.00081EPSS
Exploits2References1
Tenable Nessus
Tenable Nessusadded 2023/09/26 12:0 a.m.18 views

Siemens InsydeH2O Improper Input Validation (CVE-2020-5956)

An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer. Insyde BIOS is typically used in RUGGEDCOM...

7.5CVSS7.4AI score0.00281EPSS
Exploits0References3
OpenVAS
OpenVASadded 2023/03/16 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-5956-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.94418EPSS
Exploits67References2
OpenVAS
OpenVASadded 2023/03/16 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-5956-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.94418EPSS
Exploits67References4
Rows per page
Query Builder