Lucene search
K

14951 matches found

EUVD
EUVD
added 2026/05/27 5:31 a.m.9 views

EUVD-2026-32054

The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'adid' Shortcode Attribute in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS6AI score0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 5:31 a.m.30 views

CVE-2026-8837 WP Iframe Geo Style for Amazon affiliates <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'adid' Shortcode Attribute

The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'adid' Shortcode Attribute in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:31 a.m.8 views

CVE-2026-8837

The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'adid' Shortcode Attribute in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6AI score0.00187EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 1:57 a.m.15 views

EUVD-2026-32040

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 1:57 a.m.23 views

CVE-2026-49017

OpenStack Swift prior to 2.36.2 and 2.37.2 is affected. The s3api middleware enters an infinite loop while processing truncated aws-chunked PUT bodies, due to the StreamingInput class repeatedly appending an empty buffer and re-reading. This causes the proxy-server worker to become permanently un...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 1:57 a.m.11 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References4Affected Software1
Fedora
Fedora
added 2026/05/27 12:53 a.m.11 views

[SECURITY] Fedora 44 Update: rust-eif_build-0.2.1-7.fc44

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

9.8CVSS5.8AI score0.00412EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2 : libreoffice, --advisory ALAS2LIBREOFFICE-2026-008 (ALASLIBREOFFICE-2026-008)

The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by a vulnerability as referenced in the ALAS2LIBREOFFICE-2026-008 advisory. NOTE: https://www.libreoffice.org/security/cve-2026-4430NOTE:...

7.8CVSS5.8AI score0.00078EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.23 views

Amazon Linux 2 : openssh, --advisory ALAS2-2026-3320 (ALAS-2026-3320)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3320 advisory. OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. CVE-2026-35388 OpenS...

8.1CVSS5.9AI score0.00176EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

WordPress plugin WP Iframe Geo Style for Amazon affiliates 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.8AI score0.00187EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-060 (ALASFIREFOX-2026-060)

The version of firefox installed on the remote host is prior to 140.10.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-060 advisory. In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of...

9.8CVSS6AI score0.00446EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.16 views

Amazon Linux 2 : nginx, --advisory ALAS2NGINX1-2026-012 (ALASNGINX1-2026-012)

The version of nginx installed on the remote host is prior to 1.30.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NGINX1-2026-012 advisory. When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof...

9.2CVSS7.1AI score0.61469EPSS
Exploits41References14
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.11 views

Amazon Linux 2 : dnsmasq, --advisory ALAS2-2026-3318 (ALAS-2026-3318)

The version of dnsmasq installed on the remote host is prior to 2.76-16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3318 advisory. A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute...

8.8CVSS6.2AI score0.02681EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.11 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3315 (ALAS-2026-3315)

The version of thunderbird installed on the remote host is prior to 140.10.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3315 advisory. In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of servic...

9.8CVSS6AI score0.00446EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.36 views

Amazon Linux 2 : httpd, --advisory ALAS2-2026-3314 (ALAS-2026-3314)

The version of httpd installed on the remote host is prior to 2.4.67-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3314 advisory. An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read...

9.8CVSS5.8AI score0.01325EPSS
Exploits2References22
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.10 views

PT-2026-43508

The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'adid' Shortcode Attribute in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS6AI score0.00187EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.18 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3305 (ALAS-2026-3305)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3305 advisory. Stack buffer overflow in XTileImage CVE-2026-42050 Tenable has extracted the preceding description block directly from the...

5.5CVSS6AI score0.0013EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Amazon Linux 2 : socat, --advisory ALAS2-2026-3303 (ALAS-2026-3303)

The version of socat installed on the remote host is prior to 1.7.3.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3303 advisory. readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Tenable has extracted the preceding...

9.8CVSS5.8AI score0.00794EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2 : dnsmasq, --advisory ALAS2DNSMASQ-2026-004 (ALASDNSMASQ-2026-004)

The version of dnsmasq installed on the remote host is prior to 2.90-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DNSMASQ-2026-004 advisory. A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial o...

8.8CVSS6.4AI score0.06662EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.8 views

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1719)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1719 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as...

4.6CVSS5.8AI score0.00144EPSS
Exploits0References4
Rows per page
Query Builder