Lucene search
K

32018 matches found

CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.10 views

CVE-2026-33055 affecting package rust for versions less than 1.90.0-7

CVE-2026-33055 affecting package rust for versions less than 1.90.0-7. A patched version of the package is available...

8.1CVSS5.7AI score0.00397EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/04/14 3:38 p.m.3 views

CVE-2026-39811

A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow attacker to denial of service via...

4.9CVSS5.8AI score0.00366EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/04/08 12:0 a.m.7 views

capstone security update

5.0.1-7 - Fix CVE-2025-67873 heap buffer overflow Resolves: RHEL-141551 - Fix CVE-2025-68114 memory corruption Resolves: RHEL-137747...

9.8CVSS7.3AI score0.00191EPSS
Exploits1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

WordPress plugin Accept PayPal Payments using Contact Form 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.13 views

PT-2026-31179

Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JW Player for WordPress: from n/a through = 2.3.6...

5.9AI score0.00165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.11 views

Oracle Linux 7 : libvpx (ELSA-2026-5320)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5320 advisory. - Fixes heap buffer overflow in libvpx CVE-2026-2447 Orabug: 39112729 Tenable has extracted the preceding description block directly from the Oracle Linux...

8.8CVSS6.2AI score0.006EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2026/04/06 11:43 p.m.7 views

CVE-2026-25541 affecting package netavark for versions less than 1.10.3-7

CVE-2026-25541 affecting package netavark for versions less than 1.10.3-7. A patched version of the package is available...

7.5CVSS5.9AI score0.00559EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/31 12:31 a.m.5 views

airflow-aggua-plugin (>=1.0.7 <=1.0.8), airflow-clickhouse-plugin (>=0.5.1 <=0.5.7.post1) +108 more potentially affected by CVE-2026-32794 via apache-airflow (>=1.10.1 <=1.10.7)

apache-airflow PYPI version =1.10.1, =1.0.7, =0.5.1, =0.1.0, =0.1.1, =0.0.7, =1.0.1, =0.0.1, =0.1.6, =0.0.2, =1.0.0, =1.2.1, =2020.5.20rc1, =2021.2.5, =2021.3.13rc1 and more Source cves: CVE-2026-32794 Source advisory: OSV:GHSA-WRPJ-755P-X363...

4.8CVSS5.8AI score0.00355EPSS
Exploits1
Snyk
Snyk
added 2026/03/29 3:14 p.m.2 views

Information Exposure

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Information Exposure via the verifyPassword endpoint. An attacker can obtain sensitive authentication data, such as MFA TOTP...

8.2CVSS5.9AI score0.00303EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/27 6:21 p.m.6 views

4coders-commons (>=0.0.1 <=0.0.2), @11ty/eleventy (=0.3.3) +3644 more potentially affected by CVE-2026-33940 via handlebars (>=4.0.0 <=4.7.8)

handlebars NPM version =4.0.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: CVE-2026-33940 Source advisory: OSV:GHSA-XHPV-HC6G-R9C6...

8.1CVSS6.3AI score0.00703EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/26 9:17 p.m.2 views

CVE-2026-0748

In the Drupal 7 Internationalization i18n module, the i18nnode submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls an...

5.3CVSS5.7AI score0.00405EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/25 4:15 p.m.29 views

CVE-2026-32527 WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Insightly for Contact Form 7, WPForms, Elementor, Formidable...

6.5CVSS0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be integrated...

6.5CVSS5.8AI score0.00315EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Spam Protect for Contact Form 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.8CVSS5.8AI score0.00364EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/20 5:41 p.m.5 views

WordPress Spam Protect for Contact Form 7 plugin <= 1.2.9 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Andrea Bocchetti in WordPress Plugin Spam Protect for Contact Form 7 versions = 1.2.9...

6.7CVSS5.8AI score0.00364EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/19 10:46 p.m.3 views

CVE-2026-29099 SuiteCRM has Authenticated Blind SQL Injection in OutboundEmail Legacy Functionality.

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, the retrieve function in include/OutboundEmail/OutboundEmail.php fails to properly neutralize the user controlled $id parameter. It is assumed that the...

8.8CVSS6AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.4 views

Oracle Linux 7 : python-pyasn1 (ELSA-2026-4148)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4148 advisory. 0.1.9-7.0.1 - Fixes CVE-2026-23490 fixes potential memory exhaustion Orabug: 39060516 Tenable has extracted the preceding description block directly from the...

7.5CVSS7.2AI score0.00679EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/12 10:39 p.m.7 views

@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +399 more potentially affected by CVE-2026-1526 via undici (>=7.0.0-alpha.3 <=7.22.0)

undici NPM version =7.0.0-alpha.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =0.0.2, =0.1.0, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =0.5.0, =1.0.1, =2.8.7 and more Source cves: CVE-2026-1526 Source advisory: SNYK:JS-UNDICI-15518068...

7.5CVSS7AI score0.0115EPSS
Exploits0
NVD
NVD
added 2026/03/11 4:16 p.m.3 views

CVE-2025-12690

Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10...

7.8CVSS0.00122EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/03/11 12:0 a.m.1 views

Ubuntu: Security Advisory (USN-8060-7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.8AI score0.00247EPSS
Exploits0References2
Rows per page
Query Builder