Lucene search
K

15 matches found

EUVD
EUVD
added 2026/04/08 9:31 a.m.4 views

EUVD-2026-20364

Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Diet Calorie Calculator: from n/a through = 1.1.1...

5.3CVSS5.9AI score0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/06 6:59 p.m.23 views

CVE-2026-35176 openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability...

7.1CVSS0.00159EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.4 views

PT-2026-1628

Name of the Vulnerable Software and Affected Versions Stumble! for WordPress plugin versions up to and including 1.1.1 Description The Stumble! for WordPress plugin is susceptible to Reflected Cross-Site Scripting. This is due to insufficient input sanitization and output escaping of the $...

6.1CVSS6.5AI score0.00264EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/10/27 1:33 a.m.4 views

CVE-2025-62900 WordPress Popular Posts by Webline plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WeblineIndia Popular Posts by Webline popular-posts-by-webline allows Stored XSS.This issue affects Popular Posts by Webline: from n/a through = 1.1.1...

6.5CVSS5.6AI score0.00191EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.3 views

CVE-2025-49044

Cross-Site Request Forgery CSRF vulnerability in tosend.it Simple Poll simple-poll allows Stored XSS.This issue affects Simple Poll: from n/a through = 1.1.1...

7.1CVSS0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.2 views

PT-2025-15931 · Unknown · Aaronfrey Nearby Locations

Name of the Vulnerable Software and Affected Versions: aaronfrey Nearby Locations versions n/a through 1.1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

7.6CVSS8.3AI score0.00417EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/03/27 11:15 a.m.3 views

CVE-2025-30922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in simplebooklet Simplebooklet PDF Viewer and Embedder simplebooklet allows Stored XSS.This issue affects Simplebooklet PDF Viewer and Embedder: from n/a through = 1.1.1...

6.5CVSS7.2AI score0.00271EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.8 views

PT-2024-30817 · Themeum · Themeum Droip

Name of the Vulnerable Software and Affected Versions: Themeum Droip versions 1.1.1 and earlier Description: The issue affects Themeum Droip, allowing file manipulation due to improper limitation of a pathname to a restricted directory. This is a Path Traversal vulnerability, enabling unauthorize...

10CVSS6.6AI score0.00604EPSS
Exploits0References9
OSV
OSV
added 2024/07/09 11:15 a.m.6 views

CVE-2024-37419

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Codeless Cowidgets – Elementor Addons allows Path Traversal.This issue affects Cowidgets – Elementor Addons: from n/a through 1.1.1...

8.8CVSS5.8AI score0.00604EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/09 12:0 a.m.9 views

PT-2024-24803 · Olive Themes · Olive One Click Demo Import

Name of the Vulnerable Software and Affected Versions: Olive One Click Demo Import versions 1.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import. Recommendations: For Olive One Click Demo Import versions 1.1.1 and...

5.3CVSS6.8AI score0.00297EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.3 views

PT-2023-24950 · Sojo · Sojo

Name of the Vulnerable Software and Affected Versions: sojo versions 1.1.1 and earlier Description: An issue allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. Recommendations: For sojo versions 1.1.1 and earlier, at the...

7.5CVSS7.1AI score0.00845EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/09/14 12:0 a.m.5 views

PT-2022-23368 · Osu Open Source · Vncauthproxy

Name of the Vulnerable Software and Affected Versions: OSU Open Source Lab VNCAuthProxy versions 1.1.1 and earlier Description: The issue is an authentication-bypass vulnerability in the VNCServerAuthenticator, located in vncap/vnc/protocol.py, which could allow a malicious actor to gain...

9.8CVSS7.1AI score0.01653EPSS
Exploits1References14
OSV
OSV
added 2021/08/24 3:15 p.m.7 views

AZL-6779 CVE-2021-3711 affecting package openssl for versions less than 1.1.1k-11

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS7AI score0.87816EPSS
Exploits1References1
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.6 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust ordered-float crate before 1.1.1 and 2.x before 2.0.1, which stems from the fact that NotNan values can contain NaN...

5.5CVSS5.8AI score0.00387EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.4 views

PT-2002-2563 · Nola · Nola

Name of the Vulnerable Software and Affected Versions: NOLA versions 1.1.1 through 1.1.2 Description: The document management module does not restrict the types of files that are uploaded, allowing remote attackers to upload and execute arbitrary PHP files with extensions such as .php4...

5CVSS7.6AI score0.02157EPSS
Exploits0References7
Rows per page
Query Builder