11461 matches found

CVE
added 2025/12/09 12:0 a.m. | 19 views

CVE-2022-50653

CVE-2022-50653 is associated with the Linux kernel component mmc: atmel-mci. The issue arises when mmc_add_host() returns an error and its return value is ignored, potentially causing a memory leak of the allocation from mmc_alloc_host() and, in the remove path, a kernel crash due to a null point...

AI score: 6.1 | EPSS: 0.00173
Exploits: 0 | References: 7
CNNVD
added 2025/12/09 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper checking of the return value of mmc_add_host, which could lead to a memory leak and null pointer...

AI score: 6 | EPSS: 0.00173
Exploits: 0 | References: 8
CNNVD
added 2025/12/09 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked mmc_add_host return value, which could lead to a memory leak and null pointer dereference...

AI score: 8.6 | EPSS: 0.00206
Exploits: 0 | References: 7
Positive Technologies
added 2025/12/09 12:0 a.m. | 6 views

PT-2025-50275

Name of the Vulnerable Software and Affected Versions: NiceGUI versions 3.3.1 and below. Description: NiceGUI, a Python-based UI framework, contains a flaw that allows a remote attacker to read arbitrary files on the server filesystem. This is due to a directory traversal issue present in the App.ad...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00963
Exploits: 1 | References: 4
CNNVD
added 2025/12/09 12:0 a.m. | 4 views

WordPress plugin Add Custom Codes cross-site request forgery vulnerability

WordPress Add Custom Codes plugin is a free tool that allows users to add custom codes to WordPress websites. The WordPress Add Custom Codes plugin suffers from a cross-site request forgery vulnerability that stems from the web application not adequately verifying that a request is coming from a...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.00123
Exploits: 0 | References: 1
Positive Technologies
added 2025/12/09 12:0 a.m. | 4 views

PT-2025-50008

Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes (add-custom-codes) allows Cross Site Request Forgery. This issue affects Add Custom Codes: from n/a through <= 4.80...

AI score: 6.9 | EPSS: 0.00123
Exploits: 0 | References: 2
Positive Technologies
added 2025/12/09 12:0 a.m. | 1 views

PT-2025-49701

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s mmc subsystem, specifically within the omap_hsmmc driver. The mmc_add_host function may return an error, and failure to check this return value can le...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.00465
Exploits: 2 | References: 897
Positive Technologies
added 2025/12/09 12:0 a.m. | 1 views

PT-2025-49633

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s mmc subsystem, specifically within the atmel-mci driver. The mmc_add_host function may return an error, and failure to check this return value can lea...

CVSS: 7.8 | AI score: 6 | EPSS: 0.00465
Exploits: 2 | References: 897
Cvelist
added 2025/12/08 11:54 p.m. | 30 views

CVE-2025-66469 NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to Reflected XSS through its ui.add_css, ui.add_scss, and ui.add_sass functions. The functions lack proper sanitization or encoding for the JavaScript context they generate. An attacker can break out of the intended or...

CVSS: 6.1 | EPSS: 0.00224
Exploits: 1 | References: 2
Vulnrichment
added 2025/12/08 11:54 p.m. | 3 views

CVE-2025-66469 NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to Reflected XSS through its ui.add_css, ui.add_scss, and ui.add_sass functions. The functions lack proper sanitization or encoding for the JavaScript context they generate. An attacker can break out of the intended or...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00224
Exploits: 1 | References: 2
CVE
added 2025/12/08 11:54 p.m. | 14 views

CVE-2025-66469

CVE-2025-66469 is a reported Reflected XSS in NiceGUI (Python UI framework). The vulnerability affects versions 3.3.1 and earlier and stems from insufficient sanitization/escaping in the functions ui.add_css, ui.add_scss, and ui.add_sass, which generate JavaScript contexts that can be broken out ...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00224
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2025/12/08 11:54 p.m. | 4 views

CVE-2025-66469 NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to Reflected XSS through its ui.add_css, ui.add_scss, and ui.add_sass functions. The functions lack proper sanitization or encoding for the JavaScript context they generate. An attacker can break out of the intended or...

CVSS: 6.1 | AI score: 6.4 | EPSS: 0.00224
Exploits: 1 | References: 4
OSV
added 2025/12/08 9:30 p.m. | 3 views

GHSA-72QC-WXCH-74MG NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection

Summary: A Cross-Site Scripting (XSS) vulnerability exists in ui.add_css, ui.add_scss, and ui.add_sass functions in NiceGUI v3.3.1 and earlier. These functions allow developers to inject styles dynamically. However, they lack proper sanitization or encoding for the JavaScript context they generate. An...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00224
Exploits: 1 | References: 4
OSV
added 2025/12/08 5:16 p.m. | 3 views

CVE-2025-63721

HummerRisk through v1.5.0 uses a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server...

CVSS: 8.8 | AI score: 6.8
Exploits: 0 | References: 2
OSV
added 2025/12/08 12:16 p.m. | 6 views

CVE-2025-14230

A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/add_payroll.php. Performing manipulation of the argument detail_Id results in SQL injection. The attack can be initiated remotely. The exploit is now publi...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.0026
Exploits: 1 | References: 5
CVE
added 2025/12/08 11:32 a.m. | 16 views

CVE-2025-14230

Code-Projects Daily Time Recording System 4.5.0 is affected by a SQL injection in /admin/add_payroll.php caused by manipulating the detail_Id parameter. The vulnerability arises from improper input handling in an unknown function, enabling remote exploitation. Public exploit details exist (PoC in...

CVSS: 8.8 | AI score: 6.8 | EPSS: 0.0026
Exploits: 1 | References: 5 | Affected Software: 1
Cvelist
added 2025/12/08 11:32 a.m. | 27 views

CVE-2025-14230 code-projects Daily Time Recording System add_payroll.php SQL injection

A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/add_payroll.php. Performing manipulation of the argument detail_Id results in SQL injection. The attack can be initiated remotely. The exploit is now publi...

CVSS: 6.5 | EPSS: 0.0026
Exploits: 1 | References: 5
Vulnrichment
added 2025/12/08 11:32 a.m. | 4 views

CVE-2025-14230 code-projects Daily Time Recording System add_payroll.php SQL injection

A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/add_payroll.php. Performing manipulation of the argument detail_Id results in SQL injection. The attack can be initiated remotely. The exploit is now publi...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.0026
Exploits: 1 | References: 5
EUVD
added 2025/12/08 3:31 a.m. | 4 views

EUVD-2022-55694

In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmc_add_host. mmc_add_host may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host is leaked. 2. In the remove path, mmc_remove_host...

AI score: 6 | EPSS: 0.00173
Exploits: 0 | References: 8
EUVD
added 2025/12/08 3:31 a.m. | 4 views

EUVD-2025-201639

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattr_key uses the pointer variable in the loop condition rather than dereferencing it. As...

AI score: 6 | EPSS: 0.00182
Exploits: 0 | References: 9