Lucene search
+L

126804 matches found

Chainguard
Chainguard
added 2 hours ago3 views

CVE-2023-46233 vulnerabilities

Vulnerabilities for packages: arangodb...

9.1CVSS8.1AI score0.00635EPSS
Exploits0
Circl
Circl
added 5 hours ago4 views

CVE-2023-46849

creationtimestamp| type| source ---|---|--- 2026-07-17 11:00:06+00:00| seen| https://t.me/cyberwarehouse/177...

7.5CVSS4.8AI score0.01151EPSS
Exploits0References1
OSV
OSV
added 11 hours ago2 views

ROOT-OS-UBUNTU-2404-CVE-2023-31082 CVE-2023-31082 in rootio-linux - Patched by Root

Root has patched CVE-2023-31082 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.0036EPSS
Exploits0
OSV
OSV
added 11 hours ago4 views

ROOT-OS-UBUNTU-2404-CVE-2023-53034 CVE-2023-53034 in rootio-linux - Patched by Root

Root has patched CVE-2023-53034 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

7.1CVSS7.8AI score0.00189EPSS
Exploits0
OSV
OSV
added 11 hours ago3 views

ROOT-OS-UBUNTU-2404-CVE-2023-54105 CVE-2023-54105 in rootio-linux - Patched by Root

Root has patched CVE-2023-54105 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.00175EPSS
Exploits0
OSV
OSV
added 11 hours ago4 views

ROOT-OS-UBUNTU-2404-CVE-2023-4010 CVE-2023-4010 in rootio-linux - Patched by Root

Root has patched CVE-2023-4010 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

4.6CVSS5.9AI score0.00516EPSS
Exploits1
OSV
OSV
added 11 hours ago5 views

ROOT-OS-UBUNTU-2404-CVE-2023-20585 CVE-2023-20585 in rootio-linux - Patched by Root

Root has patched CVE-2023-20585 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.6CVSS6.7AI score0.00098EPSS
Exploits0
OSV
OSV
added 11 hours ago3 views

ROOT-OS-UBUNTU-2404-CVE-2023-53681 CVE-2023-53681 in rootio-linux - Patched by Root

Root has patched CVE-2023-53681 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS6.5AI score0.00135EPSS
Exploits0
OSV
OSV
added 11 hours ago3 views

ROOT-OS-UBUNTU-2404-CVE-2023-53469 CVE-2023-53469 in rootio-linux - Patched by Root

Root has patched CVE-2023-53469 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

8.2AI score0.00027EPSS
Exploits0
Nuclei
Nuclei
added 11 hours ago27 views

Quiz and Survey Master <= 8.1.4 - SQL Injection

ExpressTech Quiz And Survey Master versions up to 8.1.4 contains an SQL injection caused by improper neutralization of special elements used in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires user interaction. id: CVE-2023-28787 info: name: Quiz and Survey Master =...

9.3CVSS9AI score0.0196EPSS
Exploits0References3
Nuclei
Nuclei
added 11 hours ago44 views

JS Help Desk <= 2.8.1 - SQL Injection

The JS Help Desk – Best Help Desk & Support Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘email' and 'trackingid' parameters in all versions up to 2.8.2 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...

9.8CVSS8.8AI score0.02041EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago109 views

SolarView Compact < 6.00 - Directory Traversal

SolarView Compact before version 6.00 is vulnerable to directory traversal via the file parameter in downloader.php. An unauthenticated attacker can read arbitrary files from the system by using path traversal sequences with a null byte bypass to access sensitive files such as /etc/passwd. id:...

7.5CVSS7.5AI score0.02885EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago10 views

LogDash Activity Log <= 1.1.3 - SQL Injection

The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.4CVSS5.7AI score0.00748EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago22 views

JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing

JetBackup WordPress plugin = 2.0.9.9 does not use index files to prevent directory listing in certain configurations, letting malicious actors leak backup files, exploit requires access to the web server. id: CVE-2023-7165 info: name: JetBackup = 2.0.9.7 - Sensitive Information Exposure via...

7.5CVSS8.3AI score0.01915EPSS
Exploits2References3
Nuclei
Nuclei
added 11 hours ago47 views

Subscribe to Category <= 2.7.4 - SQL Injection

The Subscribe to Category contains a sqlinjection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL commands, exploit requires user interaction. id: CVE-2023-32590 info: name: Subscribe to Category = 2.7.4 - SQL Injection author:...

9.3CVSS8.1AI score0.01646EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago38 views

JS Help Desk <= 2.8.2 - SQL Injection

JS Help Desk WordPress plugin 2.8.2 contains a SQL injection caused by insufficient escaping and preparation of user-supplied values in 'js-support-ticket-token-tkstatus' cookie, letting unauthenticated attackers extract sensitive database information, exploit requires no authentication. id:...

7.5CVSS5.6AI score0.01317EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago37 views

Hongjing e-HR 2020 - SQL Injection

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

9.8CVSS7AI score0.03766EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago13 views

PHP Login System 2.0.1 - Cross-Site Scripting

msaad1999's PHP-Login-System 2.0.1 contains a reflected cross-site scripting caused by unsanitized input in 'validator' parameter in /reset-password, letting remote attackers execute arbitrary JavaScript in a user's browser, exploit requires attacker to craft malicious URL id: CVE-2023-38875 info...

6.1CVSS6.2AI score0.00824EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago21 views

tagDiv Composer < 4.2 - Stored Cross-Site Scripting

tagDiv Composer plugin versions before 4.2 for WordPress are vulnerable to unauthenticated stored XSS via the /wp-json/tdw/savecss endpoint. An attacker can inject malicious JavaScript code through the compiledcss parameter, which gets stored and executed when the CSS is loaded. id: CVE-2023-3169...

6.1CVSS7AI score0.01582EPSS
Exploits2References2
Nuclei
Nuclei
added 11 hours ago33 views

Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload

The plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE. id: CVE-2023-4666 info: name: Form-Maker 1.15.20 - Unauthenticated Arbitrary File Upload author: pussycat0x severity: critical...

9.8CVSS8.5AI score0.03283EPSS
Exploits3References1
Rows per page
Query Builder