Lucene search
K

33 matches found

Cvelist
Cvelist
added 2025/12/18 7:22 a.m.27 views

CVE-2025-6326 WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through = 1.18.0...

8.1CVSS0.00344EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.10 views

CVE-2023-6326

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.10. This is due to missing or incorrect nonce validation on the 'processbulkaction' function. This makes it possible for unauthenticated attackers...

5.4CVSS6.7AI score0.00257EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.10 views

CVE-2020-6326

SAP NetWeaver Knowledge Management, version-7.30,7.31,7.40,7.50, allows an authenticated attacker to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stored Cross Site Scripting...

5.4CVSS6.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:12 a.m.8 views

CVE-2012-6326

VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service disk consumption via vectors that trigger large log entries...

7.8CVSS6.8AI score0.01328EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 8:6 p.m.8 views

CGA-6326-VCVP-J59P

Bulletin has no description...

3.1CVSS4.6AI score0.00521EPSS
Exploits0
NVD
NVD
added 2024/07/16 5:15 p.m.33 views

CVE-2024-6326

An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders wh...

5.5CVSS0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/16 4:51 p.m.29 views

CVE-2024-6326 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services

An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders wh...

1.8CVSS0.00176EPSS
Exploits0References1
Circl
Circl
added 2024/03/02 1:27 p.m.6 views

CVE-2023-6326

creationtimestamp| type| source ---|---|--- 2024-03-02 13:27:01+00:00| seen| https://t.me/ctinow/198348 2024-03-02 13:31:57+00:00| seen| https://t.me/ctinow/198353...

5.4CVSS6.7AI score0.00257EPSS
Exploits0References2
CVE
CVE
added 2024/03/02 11:15 a.m.74 views

CVE-2023-6326

CVE-2023-6326 affects Master Slider – Responsive Touch Slider for WordPress. The issue is Cross-Site Request Forgery due to missing/incorrect nonce validation in process_bulk_action, enabling unauthenticated attackers to duplicate or delete sliders via forged admin actions. Public references (Red...

5.4CVSS6.7AI score0.00257EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.32 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 : GitPython vulnerability (USN-6326-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6326-1 advisory. It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker cou...

9.8CVSS8.5AI score0.00984EPSS
Exploits0References2
CVE
CVE
added 2022/07/28 4:49 p.m.34 views

CVE-2016-6326

CVE-2016-6326 is rejected/not used; this CVE entry does not represent an active vulnerability.

6.7AI score
Exploits0
CVE
CVE
added 2020/09/09 12:47 p.m.48 views

CVE-2020-6326

SAP NetWeaver Knowledge Management (versions 7.30, 7.31, 7.40, 7.50) is exposed to a Stored Cross-Site Scripting vulnerability (CVE-2020-6326) where an authenticated attacker can create a malicious UI link that, when clicked, executes arbitrary JavaScript and may extract or modify restricted info...

5.4CVSS5.5AI score0.00648EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/06/17 3:55 p.m.74 views

CVE-2019-6326

CVE-2019-6326 affects HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before v20190426). The vulnerability is a Buffer Overflow in the device’s embedded web server, triggered by processing memory operations without pr...

7.2CVSS7.5AI score0.01712EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/07/31 8:29 p.m.22 views

CVE-2018-14308

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.8AI score0.02773EPSS
Exploits0References2
Prion
Prion
added 2018/07/31 8:29 p.m.17 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.02773EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2018/07/31 8:0 p.m.63 views

CVE-2018-14308

CVE-2018-14308 affects Foxit Reader (and Foxit PhantomPDF) with versions before 9.2.0.9097. The root cause is a use-after-free in valueAsString handling where the code does not verify an object exists before operating on it, allowing remote code execution when a user visits a malicious page or op...

8.8CVSS8.8AI score0.02773EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2017/06/26 9:0 p.m.90 views

CVE-2017-6326

CVE-2017-6326 affects Symantec Messaging Gateway. A command injection vulnerability allows an authenticated user to execute arbitrary OS commands on the web server (root context) via the backupNow.do flow due to insufficient input validation. Affected: SMG 10.x before 10.6.3-266 (per SYM17-004). ...

10CVSS9.6AI score0.72759EPSS
Exploits5References4Affected Software1
Circl
Circl
added 2017/06/26 12:0 a.m.27 views

CVE-2017-6326

creationtimestamp| type| source ---|---|--- 2017-06-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42251 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/symantecmessaginggatewayexec.rb 2025-02-06...

10CVSS8.9AI score0.72759EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2017/06/12 12:0 a.m.37 views

Symantec Messaging Gateway <= 10.6.3 Multiple Vulnerabilities

Symantec Messaging Gateway is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.1AI score0.72759EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2015/11/25 12:0 a.m.33 views

Cisco ASA DNS DoS Vulnerability (cisco-sa-20151021-asa-dns2)

A vulnerability in the DNS code of Cisco ASA may lead to a denial of service. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

7.8CVSS6.7AI score0.01908EPSS
Exploits0References1
Rows per page
Query Builder