Lucene search
K

299 matches found

Cvelist
Cvelist
added 2025/04/15 7:59 p.m.8 views

CVE-2025-2567 Lantronix Xport Missing Authentication for Critical Function

An attacker could modify or disable settings, disrupt fuel monitoring and supply chain operations, leading to disabling of ATG monitoring. This would result in potential safety hazards in fuel storage and transportation...

9.8CVSS0.00456EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/04/15 7:16 p.m.6 views

CVE-2025-24358

gorilla/csrf provides Cross Site Request Forgery CSRF prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes...

6CVSS6.3AI score0.00347EPSS
Exploits0References3
Circl
Circl
added 2025/04/15 4:38 a.m.4 views

CVE-2025-32941

creationtimestamp| type| source ---|---|--- 2025-04-15 04:38:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmtaycjrde2h 2025-04-15 07:24:04+00:00| seen| https://t.me/cvedetector/22908...

4.8AI score
Exploits0References2
Patchstack
Patchstack
added 2025/04/09 10:3 p.m.5 views

WordPress ORDER POST plugin <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Avraham Shemesh in WordPress Plugin ORDER POST versions = 2.0.2...

7.3CVSS8.4AI score0.00453EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2025/04/08 7:22 p.m.6 views

CVE-2025-27078

creationtimestamp| type| source ---|---|--- 2025-04-08 19:22:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmd755jc5t24...

6.5CVSS6.9AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2025/04/07 11:15 a.m.7 views

CVE-2024-43067

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory...

7.8CVSS0.00081EPSS
Exploits0References1
Circl
Circl
added 2025/04/03 3:7 p.m.7 views

CVE-2025-31900

creationtimestamp| type| source ---|---|--- 2025-04-03 15:07:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llw6jxc7n22z 2025-04-03 17:44:37+00:00| seen| https://t.me/cvedetector/21982...

7.1CVSS7.8AI score0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/02 9:21 a.m.4 views

CVE-2025-3063 Shopper Approved Reviews 2.0 - 2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Shopper Approved Reviews plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajaxcallbackupdatesaoption function in versions 2.0 to 2.1. This makes it possible for authenticated attackers, with...

8.8CVSS7.4AI score0.00383EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/28 7:5 a.m.18 views

CVE-2022-49756

In the Linux kernel, the following vulnerability has been resolved: phy: usb: sunplus: Fix potential null-ptr-deref in spusbphyprobe spusbphyprobe will call platformgetresourcebyname that may fail and return NULL. devmioremap will use usbphy-moon4resmem-start as input, which may causes...

5.5CVSS6.9AI score0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/28 1:4 a.m.12 views

CVE-2023-53002

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix a memory leak with reused mmapoffset drmvmanodeallow and drmvmanoderevoke should be called in balanced pairs. We call drmvmanodeallow once per-file everytime a user calls mmapoffset, but only call drmvmanoderevoke...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/27 5:15 p.m.8 views

CVE-2023-52930

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential bit17 double-free A userspace with multiple threads racing I915GEMSETTILING to set the tiling to I915TILINGNONE could trigger a double free of the bit17 bitmask. Or conversely leak memory on the transition...

7.8CVSS6.4AI score0.00265EPSS
Exploits0References6
NVD
NVD
added 2025/03/26 8:15 p.m.19 views

CVE-2025-26011

Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword...

9.8CVSS0.00415EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/03/25 12:0 a.m.5 views

CVE-2025-2722

Last updated 25 March 2025...

7AI score
Exploits0References4
NVD
NVD
added 2025/03/24 2:15 p.m.6 views

CVE-2025-30558

Cross-Site Request Forgery CSRF vulnerability in EnzoCostantini55 ANAC XML Render anac-xml-render allows Stored XSS.This issue affects ANAC XML Render: from n/a through = 1.5.7...

7.1CVSS0.00178EPSS
Exploits0References1
Circl
Circl
added 2025/03/22 7:38 a.m.9 views

CVE-2025-2482

creationtimestamp| type| source ---|---|--- 2025-03-22 07:38:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkx7uzg3zk24 2025-03-22 10:22:25+00:00| seen| https://t.me/cvedetector/20855...

6.1CVSS8.7AI score0.00294EPSS
Exploits0References2
Circl
Circl
added 2025/03/22 7:38 a.m.8 views

CVE-2025-2477

creationtimestamp| type| source ---|---|--- 2025-03-22 07:38:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkx7uz3h5r2h 2025-03-22 10:22:32+00:00| seen| https://t.me/cvedetector/20861...

4.7CVSS8.7AI score0.0027EPSS
Exploits0References2
Circl
Circl
added 2025/03/22 7:38 a.m.7 views

CVE-2025-2484

creationtimestamp| type| source ---|---|--- 2025-03-22 07:38:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkx7uyqnpo2s 2025-03-22 10:22:25+00:00| seen| https://t.me/cvedetector/20856...

6.1CVSS8.7AI score0.00304EPSS
Exploits0References2
Circl
Circl
added 2025/03/20 1:3 p.m.7 views

CVE-2025-0192

creationtimestamp| type| source ---|---|--- 2025-03-20 13:03:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lksr44fju72s 2025-03-20 13:13:16+00:00| seen| https://t.me/cvedetector/20721 2025-08-11 18:27:49+00:00| seen| MISP/3e4b778d-5810-4171-a915-f1d106684af4...

5.4CVSS5.5AI score0.00279EPSS
Exploits0References2
NVD
NVD
added 2025/03/19 9:15 p.m.15 views

CVE-2025-27786

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file removal in core.py. outputttspath in tts.py takes arbitrary user input and passes it to runttsscript function in core.py, which checks if the path in outputttspath exists, and if yes, removes that...

9.1CVSS0.00513EPSS
Exploits0References3
NVD
NVD
added 2025/03/18 3:16 p.m.6 views

CVE-2025-30116

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...

7.5CVSS0.00508EPSS
Exploits0References2
Rows per page
Query Builder