
55 matches found

Circl
added 2026/04/28 8:11 p.m. · 22 views

CVE-2026-6970

creationtimestamp | type | source
---|---|---
2026-04-28 20:11:02+00:00 | seen | https://bsky.app/profile/mel-echosphere.bsky.social/post/3mklfebpkit2s
2026-05-01 07:03:02+00:00 | seen | https://bsky.app/profile/hugovalters.bsky.social/post/3mkrkpz77ed26
2026-05-06 07:40:29+00:00 | seen | ...

7.3 CVSS · 5.7 AI score · 0.0011 EPSS
Exploits: 0 · References: 3
OSV
added 2026/04/27 12:0 a.m. · 6 views

UBUNTU-CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID (GID) differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3 CVSS · 5.8 AI score · 0.0011 EPSS
Exploits: 0 · References: 3
Nuclei
added 2026/02/12 12:4 a.m. · 7 views

WP Recipe Maker <= 9.1.0 - Reflected XSS via Referer Header

The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. The Referer header value is used directly in the href attribute of the "Back"...

6.1 CVSS · 5.5 AI score · 0.00679 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2025/09/04 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-6970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle 3.5.x before 3.5.4 allows SSRF. CVE-2019-6970 Note that Nessus relies on the presence of the package as reported by the vendor...

7.5 CVSS · 7.3 AI score · 0.01201 EPSS
Exploits: 0 · References: 2
RedhatCVE
added 2025/08/09 12:23 a.m. · 5 views

CVE-2025-47188

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 R6.4.0.4006, and the 6970 Conference Unit through 6.4 SP4 R6.4.0.4006 or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient paramete...

6.5 CVSS · 9.2 AI score · 0.48492 EPSS
Exploits: 0 · References: 1
Circl
added 2025/07/10 3:0 a.m. · 13 views

CVE-2025-6970

creationtimestamp | type | source
---|---|---
2025-07-10 03:00:13+00:00 | published-proof-of-concept | Telegram/VL2zkodKXJ4s7-qnqkcGB4g3iOsCKYXSgneWGoW9UEmWyHE
2025-07-15 16:23:39+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-6970.yaml
...

7.5 CVSS · 5.3 AI score · 0.55683 EPSS
Exploits: 2 · References: 2
Packet Storm
added 2025/07/10 12:0 a.m. · 147 views

WordPress Events Manager 7.0.3 SQL Injection

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.5 CVSS · 8 AI score · 0.55683 EPSS
Exploits: 2
Patchstack
added 2025/07/09 9:5 p.m. · 12 views

WordPress Event Manager plugin <= 7.0.3 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin Events Manager versions = 6.6.4.4...

7.5 CVSS · 7.7 AI score · 0.55683 EPSS
Exploits: 2 · References: 1 · Affected Software: 1
Positive Technologies
added 2025/05/12 12:0 a.m. · 8 views

PT-2025-20723 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: Mitel 6800 Series SIP Phones versions through 6.4 SP4 Mitel 6900 Series SIP Phones versions through 6.4 SP4 Mitel 6900w Series SIP Phones versions through 6.4 SP4 Mitel 6970 Conference Unit versions through 6.4 SP4 Description: A vulnerabilit...

7.5 CVSS · 6.8 AI score · 0.00861 EPSS
Exploits: 0 · References: 12
BDU FSTEC
added 2024/09/10 12:0 a.m. · 5 views

The vulnerability of the microprogramming software of Mitel telephones of models 6800, 6900, 6970, and 6900w lies in the fact that it allows for the insertion or modification of arguments, enabling a perpetrator to execute arbitrary commands.

The vulnerability of the microprogramming software in SIP phones of the Mitel series 6800, 6900, 6970, and 6900w is related to the implementation or modification of arguments. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

7.7 CVSS · 8.4 AI score · 0.4161 EPSS
Exploits: 3 · References: 4
Tenable Nessus
added 2024/08/21 12:0 a.m. · 11 views

Ubuntu 22.04 LTS : exfatprogs vulnerability (USN-6970-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6970-1 advisory. It was discovered that exfatprogs incorrectly handled certain memory operations. If a user or automated system were tricked into handling specially crafted exfat...

5.5 CVSS · 6.2 AI score · 0.00381 EPSS
Exploits: 1 · References: 2
Cvelist
added 2024/07/22 4:0 a.m. · 27 views

CVE-2024-6970 itsourcecode Tailoring Management System staffcatadd.php sql injection

A vulnerability classified as critical has been found in itsourcecode Tailoring Management System 1.0. Affected is an unknown function of the file /staffcatadd.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5 CVSS · 0.00426 EPSS
Exploits: 0 · References: 4
BDU FSTEC
added 2024/05/06 12:0 a.m. · 6 views

The vulnerability of the microprogrammed software of Mitel series 6800, 6900, 6900w, and 6970 desktop telephones, related to the ability to bypass authentication, allows attackers to modify phone configuration parameters and trigger a service failure.

The vulnerability of the microprogramming software of Mitel series 6800, 6900, 6900w, and 6970 lies in its ability to bypass authentication. Exploiting this vulnerability allows an attacker to modify the phone’s configuration parameters and cause service failures...

6.5 CVSS · 5.5 AI score · 0.00617 EPSS
Exploits: 0 · References: 5 · Affected Software: 1
BDU FSTEC
added 2024/05/03 12:0 a.m. · 5 views

The vulnerability of the microprogramming software in SIP phones of the Mitel series 6800, 6900, 6970, and 6900w allows an intruder to execute arbitrary commands.

The vulnerability of the microprogramming software of Mitel telephones of models 6800, 6900, 6970, and 6900w lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending...

9 CVSS · 6.2 AI score · 0.0025 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Positive Technologies
added 2024/05/02 12:0 a.m. · 5 views

PT-2024-3206 · Mitel · Mitel 6900 Series +2

Name of the Vulnerable Software and Affected Versions: Mitel 6800 Series and 6900 Series SIP Phones versions through 6.3 SP3 HF4 Mitel 6900w Series SIP Phone versions through 6.3.3 Mitel 6970 Conference Unit versions through 5.1.1 SP8 Description: A buffer overflow attack can be conducted by an...

9 CVSS · 8.4 AI score · 0.0025 EPSS
Exploits: 0 · References: 7
Vulnrichment
added 2024/05/02 12:0 a.m. · 11 views

CVE-2024-31967

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an unauthorized access attack due to improper access control. A successful exploit...

7 AI score · 0.00458 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2024/05/02 12:0 a.m. · 14 views

CVE-2024-31963

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker to conduct a buffer overflow attack due to insufficient bounds checking and input sanitization. A...

8.1 AI score · 0.0025 EPSS
Exploits: 0 · References: 1
CVE
added 2024/05/02 12:0 a.m. · 78 views

CVE-2024-31966

The CVE-2024-31966 issue affects Mitel 6800 Series and 6900 Series SIP Phones (through 6.3 SP3 HF4), Mitel 6900w Series SIP Phone (through 6.3.3), and Mitel 6970 Conference Unit (through 5.1.1 SP8). The root cause is insufficient parameter sanitization, allowing an authenticated attacker with adm...

6.2 CVSS · 7.4 AI score · 0.00441 EPSS
Exploits: 0 · References: 1
Cvelist
added 2024/05/02 12:0 a.m. · 28 views

CVE-2024-31965

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an authenticated attacker with administrative privilege to conduct a path traversal attack due to insufficient input...

6.6 AI score · 0.00239 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2024/04/17 12:0 a.m. · 8 views

PT-2024-3247 · Mitel · Mitel 6900 Series +2

Name of the Vulnerable Software and Affected Versions: Mitel 6800 Series versions through 6.3 SP3 HF4 Mitel 6900 Series versions through 6.3 SP3 HF4 Mitel 6900w Series versions through 6.3.3 Mitel 6970 Conference Unit versions through 5.1.1 SP8 Description: The issue is related to an authenticati...

7.5 CVSS · 7.5 AI score · 0.00617 EPSS
Exploits: 0 · References: 9