CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/08/27 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2019-20165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function ilstitemRead in...

5.5CVSS6.4AI score0.00865EPSS

Tenable Nessus•added 2025/08/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2020-19750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in gpac 0.8.0. The strdup function in boxcodebase.c has a heap-based buffer over-read. CVE-2020-19750 Note that Nessus relies on the...

7.5CVSS7.3AI score0.01085EPSS

Tenable Nessus•added 2025/08/26 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2021-40569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the ilocentrydel funciton in boxcodemeta.c, which allows attackers to cause a denial ...

5.5CVSS6.6AI score0.00863EPSS

Packet Storm•added 2025/08/25 12:0 a.m.•289 views

📄 WordPress WP Reactions Box 1.0 SQL Injection

WordPress WP Reactions Box plugin versions 1.0 and below suffer from a remote SQL Injection vulnerability. Exploit Title: WordPress WP Reactions Box Plugin 1.0 - SQL Injection Google Dork: N/A Date: 2025-08-24 Exploit Author: bRpsd cyatlive.no Vendor Homepage:...

8.6AI score

Tenable Nessus•added 2025/08/25 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2017-12444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mdjvubitmapgetboundingbox function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service invalid memory read and application crash via a crafted...

6.5CVSS6.6AI score0.00881EPSS

Exploits0References3

Patchstack•added 2025/08/23 2:58 a.m.•3 views

WordPress 多说社会化评论框 plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin 多说社会化评论框 versions = 1.2...

4.3CVSS6.7AI score0.00131EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/08/22 8:30 a.m.•5 views

CVE-2025-53226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digitalzoomstudio Comments Capcha Box comments-capcha-box allows Reflected XSS.This issue affects Comments Capcha Box: from n/a through = 1.1...

7.1CVSS5.9AI score0.00219EPSS

NVD•added 2025/08/20 8:15 a.m.•7 views

CVE-2025-53226

7.1CVSS0.00219EPSS

CVE•added 2025/08/20 8:3 a.m.•12 views

CVE-2025-53226

CVE-2025-53226 (WordPress Comments Capcha Box) involves a reflected XSS in the Comments Capcha Box plugin for WordPress (versions up to 1.1). Root cause: improper neutralization of input during web page generation, allowing injection of malicious scripts. Impact: client-side script execution coul...

7.1CVSS5.9AI score0.00219EPSS

Cvelist•added 2025/08/20 8:3 a.m.•10 views

CVE-2025-53226 WordPress Comments Capcha Box Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

7.1CVSS0.00219EPSS

Vulnrichment•added 2025/08/20 8:3 a.m.•2 views

CVE-2025-53226 WordPress Comments Capcha Box Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digitalzoomstudio Comments Capcha Box allows Reflected XSS. This issue affects Comments Capcha Box: from n/a through 1.1...

7.1CVSS7.2AI score0.00219EPSS

CNNVD•added 2025/08/20 12:0 a.m.•0 views

WordPress plugin Comments Capcha Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.1CVSS5.9AI score0.00219EPSS

Exploits0References2

Positive Technologies•added 2025/08/20 12:0 a.m.•5 views

PT-2025-33977 · Digitalzoomstudio · Comments Capcha Box

Name of the Vulnerable Software and Affected Versions: digitalzoomstudio Comments Capcha Box versions through 1.1 Description: The software contains a Reflected Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the injection of...

7.1CVSS6AI score0.00219EPSS

Exploits0References3

Packet Storm News•added 2025/08/20 12:0 a.m.•4 views

Foe for Fraud: Transferable Adversarial Attacks in Credit Card Fraud Detection

Credit card fraud detection CCFD is a critical application of Machine Learning ML in the financial sector, where accurately identifying fraudulent transactions is essential for mitigating financial losses. ML models have demonstrated their effectiveness in fraud detection task, in particular with...

7AI score

Patchstack•added 2025/08/19 12:18 p.m.•4 views

WordPress Comments Capcha Box Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Skalucy in WordPress Plugin Comments Capcha Box versions = 1.1...

7.1CVSS6AI score0.00219EPSS

Exploits0Affected Software1

Packet Storm News•added 2025/08/19 12:0 a.m.•2 views

Enhancing Targeted Adversarial Attacks on Large Vision-Language Models through Intermediate Projector Guidance

Targeted adversarial attacks are essential for proactively identifying security flaws in Vision-Language Models before real-world deployment. However, current methods perturb images to maximize global similarity with the target text or reference image at the encoder level, collapsing rich visual...

7.3AI score

Tenable Nessus•added 2025/08/18 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2021-31254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the tencboxread function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file,...

7.8CVSS8.2AI score0.01453EPSS

Packet Storm News•added 2025/08/18 12:0 a.m.•3 views

MAJIC: Markovian Adaptive Jailbreaking Via Iterative Composition of Diverse Innovative Strategies

Large Language Models LLMs have exhibited remarkable capabilities but remain vulnerable to jailbreaking attacks, which can elicit harmful content from the models by manipulating the input prompts. Existing black-box jailbreaking techniques primarily rely on static prompts crafted with a single,...

6.9AI score

Tenable Nessus•added 2025/08/18 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2021-21859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The...

8.8CVSS7.8AI score0.01601EPSS