Lucene search
K

66 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.8 views

Debian dsa-6070 : gir1.2-javascriptcoregtk-4.0 - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6070 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6070-1 [email protected]...

8.8CVSS7.4AI score0.01378EPSS
Exploits0References23
OpenVAS
OpenVAS
added 2025/12/04 12:0 a.m.4 views

Debian: Security Advisory (DSA-6070-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.01378EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2001-0572

Malware in sbrugna...

5CVSS6.4AI score0.05301EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-6070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logi...

7.8CVSS7.2AI score0.0173EPSS
Exploits1References2
NVD
NVD
added 2025/06/14 9:15 a.m.14 views

CVE-2025-6070

The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...

6.5CVSS0.00628EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/14 8:23 a.m.3 views

CVE-2025-6070 Restrict File Access <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read

The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...

6.5CVSS6.2AI score0.00628EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/14 8:23 a.m.21 views

CVE-2025-6070 Restrict File Access <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read

The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...

6.5CVSS0.00628EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/06/14 3:11 a.m.13 views

WordPress Restrict File Access plugin <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read vulnerability

Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by johska in WordPress Plugin Restrict File Access versions = 1.1.2...

6.5CVSS6.8AI score0.00628EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:1 a.m.8 views

CVE-2024-6070

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS5.7AI score0.00374EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/07/15 12:0 a.m.14 views

WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)

Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6070 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aeca1edb610d Credits...

4.8CVSS5.8AI score0.00374EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/07/13 6:15 a.m.2 views

CVE-2024-6070

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/07/13 6:15 a.m.21 views

CVE-2024-6070

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS0.00374EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/13 6:0 a.m.14 views

CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

5.8AI score0.00374EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/13 6:0 a.m.24 views

CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS

The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

0.00374EPSS
Exploits1References1
Circl
Circl
added 2024/02/23 6:11 p.m.7 views

CVE-2012-6070

creationtimestamp| type| source ---|---|--- 2024-02-23 18:11:32+00:00| seen| https://t.me/ctinow/191989...

7.5CVSS7.4AI score0.01585EPSS
Exploits0References1
Circl
Circl
added 2023/12/20 10:11 a.m.6 views

CVE-2023-6070

creationtimestamp| type| source ---|---|--- 2023-12-20 10:11:48+00:00| seen| https://t.me/ctinow/156850...

4.3CVSS4.7AI score0.00243EPSS
Exploits0References1
CVE
CVE
added 2023/11/29 8:53 a.m.33 views

CVE-2023-6070

The connected sources provide concrete details for CVE-2023-6070: an SSRF vulnerability in Trellix ESM (Enterprise Security Manager) versions prior to 11.6.8. A low-privileged authenticated user can upload arbitrary content through the certificate validation functionality, potentially altering co...

4.3CVSS4.7AI score0.00243EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/11/22 6:15 p.m.4 views

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings...

7.2CVSS6.1AI score0.82163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.5 views

PT-2023-7559 · Zoho · Zoho Manageengine Recovery Manager Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine RecoveryManager Plus versions prior to 6070 Description: The issue allows admin users to execute arbitrary commands via proxy settings. This is due to a failure to neutralize special elements, which can be exploited by a...

8.3CVSS7.4AI score0.82163EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.5 views

ZOHO ManageEngine RecoveryManager Plus Security Vulnerability

ZOHO ManageEngine RecoveryManager Plus is a backup and recovery solution from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine RecoveryManager Plus versions prior to 6070 that originates from allowing an administrator user to execute arbitrary commands via proxy settings...

7.2CVSS7.4AI score0.82163EPSS
Exploits0References2
Rows per page
Query Builder