Lucene search
+L

128 matches found

OSV
OSV
added 2026/05/22 2:3 a.m.5 views

ECHO-48BB-6383-BA42

Bulletin has no description...

8.8CVSS5.7AI score0.0033EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/17 12:4 p.m.7 views

SUSE CVE-2026-6383

A flaw was found in KubeVirt's Role-Based Access Control RBAC evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized access to subresources,...

5.4CVSS5.7AI score0.0015EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.14 views

AlmaLinux 9 : grafana-pcp (ALSA-2026:6383)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:6383 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : kernel-2.6.32-431.17.1.el6 (AXSA:2014-441:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-441:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

10CVSS7.2AI score0.10385EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-0899

Malware in sbrugna...

7.5CVSS6.1AI score0.02452EPSS
Exploits0References11
Circl
Circl
added 2025/09/09 2:31 p.m.8 views

CVE-2024-6383

creationtimestamp| type| source ---|---|--- 2025-09-09 14:31:42+00:00| seen| Telegram/E0KsFSsJPa62sMflb2zr5PWxT4eovn0FA00I5QEXBdwPDEU...

5.3CVSS6.5AI score0.00625EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/07/04 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-7613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.1AI score0.00734EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/28 3:21 a.m.11 views

CVE-2025-6383

The WP-PhotoNav plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's photonav shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6AI score0.00174EPSS
Exploits0References1
Circl
Circl
added 2025/06/26 2:50 a.m.14 views

CVE-2025-6383

creationtimestamp| type| source ---|---|--- 2025-06-26 02:50:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19555 2025-06-26 06:33:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsiiylrpfu2m...

6.4CVSS4.8AI score0.00174EPSS
Exploits0References2
CVE
CVE
added 2025/06/26 2:6 a.m.38 views

CVE-2025-6383

CVE-2025-6383 affects the WordPress plugin WP-PhotoNav (versions up to and including 1.2.2). It describes a stored cross-site scripting vulnerability in the photonav shortcode caused by insufficient input sanitization and output escaping. Exploitation requires attacker authentication at contribut...

6.4CVSS5.5AI score0.00174EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/26 2:6 a.m.10 views

CVE-2025-6383 WP-PhotoNav <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photonav Shortcode

The WP-PhotoNav plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's photonav shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00174EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/26 2:6 a.m.5 views

CVE-2025-6383 WP-PhotoNav <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photonav Shortcode

The WP-PhotoNav plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's photonav shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00174EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/06/26 1:5 a.m.10 views

WordPress WP-PhotoNav plugin <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photonav Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via photonav Shortcode vulnerability discovered by Gilang in WordPress Plugin WP-PhotoNav versions = 1.2.2...

6.4CVSS5.5AI score0.00174EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/05/16 4:15 p.m.3 views

DEBIAN-CVE-2025-40906

BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities. Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. BSON-XS was the official Perl XS implementation of MongoDB's BSON...

9.8CVSS7.8AI score0.00534EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-6383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bsonstringappend function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and ma...

5.3CVSS7AI score0.00625EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/03 9:33 p.m.30 views

CVE-2024-6383 MongoDB C Driver bson_string_append may be vulnerable to a buffer overflow

The bsonstringappend function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1...

5.3CVSS0.00625EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/07/03 9:33 p.m.13 views

CVE-2024-6383

The bsonstringappend function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1...

5.3CVSS7AI score0.00625EPSS
Exploits0
OSV
OSV
added 2024/06/06 12:28 p.m.16 views

CGA-PMXF-FWPC-6383

Bulletin has no description...

5.3CVSS6.9AI score0.01208EPSS
Exploits0
Circl
Circl
added 2024/01/09 7:56 a.m.6 views

CVE-2020-6383

creationtimestamp| type| source ---|---|--- 2024-01-09 07:56:37+00:00| seen| https://t.me/arpsyndicate/2730...

8.8CVSS7AI score0.0638EPSS
Exploits1References1
Circl
Circl
added 2024/01/08 8:27 p.m.6 views

CVE-2023-6383

creationtimestamp| type| source ---|---|--- 2024-01-08 20:27:09+00:00| seen| https://t.me/ctinow/164609 2024-01-25 16:22:14+00:00| seen| https://t.me/ctinow/173547...

7.5CVSS7.1AI score0.00647EPSS
Exploits2References2
Rows per page
Query Builder