Lucene search
K

6 matches found

EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-42012

The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...

6AI score
Exploits0References1
EUVD
EUVD
added 2026/06/25 8:38 p.m.6 views

EUVD-2026-39561

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

8.3CVSS6AI score0.00232EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/14 3:31 p.m.7 views

Malicious Package

Overview postingzon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for...

8.6CVSS6.9AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/06/15 9:3 a.m.5 views

plugin: missing permission checks in Blue Ocean Plugin

Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

6.5CVSS5.8AI score0.00782EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2019/08/28 3:37 p.m.3 views

Magecart Hackers Compromise 80 More eCommerce Sites to Steal Credit Cards

Cybersecurity researchers have discovered over 80 Magecart compromised e-commerce websites that were actively sending credit card information of online shoppers to the attackers-controlled servers. Operating their businesses in the United States, Canada, Europe, Latin America, and Asia, many of...

8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.5 views

PT-2019-11681 · Jenkins · Jenkins Jenkins-Reviewbot Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins jenkins-reviewbot Plugin affected versions not specified Description: A missing permission check in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connectio...

6.5CVSS6.2AI score0.01486EPSS
Exploits0References5
Rows per page
Query Builder