Lucene search
K

11464 matches found

RedHat Linux
RedHat Linux
added 2025/11/11 8:21 a.m.1 views

kernel: tpm: Change to kvalloc() in eventlog/acpi.c

In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ cut here ------------ 10.853559 T1...

5.5CVSS6.9AI score0.00211EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/11 6:30 a.m.5 views

EUVD-2025-60924

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

5.3CVSS5AI score0.00241EPSS
Exploits0References4
NVD
NVD
added 2025/11/11 4:15 a.m.4 views

CVE-2025-11999

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

5.3CVSS0.00241EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/11 3:30 a.m.3 views

CVE-2025-11999 Add Multiple Marker <= 1.2 - Missing Authorization to Unauthenticated Settings Update

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

5.3CVSS5AI score0.00241EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/11 3:30 a.m.7 views

CVE-2025-11999 Add Multiple Marker <= 1.2 - Missing Authorization to Unauthenticated Settings Update

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

5.3CVSS0.00241EPSS
Exploits0References3
CVE
CVE
added 2025/11/11 3:30 a.m.14 views

CVE-2025-11999

CVE-2025-11999 concerns the WordPress plugin Add Multiple Marker. A missing capability check in addmultiplemarker_reset_map() and amm_save_map_api() allows unauthenticated users to modify map settings (update the map API and reset maps) in all versions up to and including 1.2. Public sources (Wor...

5.3CVSS5AI score0.00241EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/11 12:11 a.m.14 views

CVE-2025-63709

A Cross-Site Scripting XSS vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

5.4CVSS5.9AI score0.00206EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.3 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2025-083 (ALASDOCKER-2025-083)

The version of oci-add-hooks installed on the remote host is prior to 0-0.5.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-083 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted valu...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.4 views

PT-2025-52903

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.0+ 3 Description The Linux kernel contains a race condition within the macintosh/mac hid subsystem, specifically in the mac hid toggle emumouse function. This issue arises when multiple processes concurrently...

6CVSS6.5AI score0.00165EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46270

Name of the Vulnerable Software and Affected Versions Add Multiple Marker plugin for WordPress versions up to and including 1.2 Description The Add Multiple Marker plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check in the addmultiplemarker...

5.3CVSS5.9AI score0.00241EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.15 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2025-080 (ALASECS-2025-080)

The version of oci-add-hooks installed on the remote host is prior to 0-0.5.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-080 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.3 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2025-075 (ALASNITRO-ENCLAVES-2025-075)

The version of oci-add-hooks installed on the remote host is prior to 0-0.5.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-075 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References22
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

WordPress plugin Add Multiple Marker 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Add Multiple Marker, which stems from a...

5.3CVSS6.2AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.3 views

Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-1273)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1273 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

7.5CVSS7.3AI score0.00626EPSS
Exploits0References22
EUVD
EUVD
added 2025/11/10 3:31 p.m.3 views

EUVD-2025-44059

A Cross-Site Scripting XSS vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

5.3AI score0.00206EPSS
Exploits1References3
OSV
OSV
added 2025/11/10 3:15 p.m.4 views

CVE-2025-63709

A Cross-Site Scripting XSS vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

5.4CVSS6.1AI score0.00206EPSS
Exploits1References2
NVD
NVD
added 2025/11/10 3:15 p.m.5 views

CVE-2025-63709

A Cross-Site Scripting XSS vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

5.4CVSS0.00206EPSS
Exploits1References2
OSV
OSV
added 2025/11/10 3:15 a.m.3 views

CVE-2025-12927

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archivesadd.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may b...

7.2CVSS5.7AI score0.00268EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/10 2:32 a.m.4 views

EUVD-2025-38731

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archivesadd.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may b...

5.8CVSS6.5AI score0.00268EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/10 2:32 a.m.3 views

CVE-2025-12927 DedeBIZ archives_add.php sql injection

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archivesadd.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may b...

5.8CVSS6.7AI score0.00268EPSS
Exploits0References4
Rows per page
Query Builder