
5111 matches found

BDU FSTEC
added 2025/01/31 12:0 a.m., 5 views

A vulnerability in the read_hexstring() function of the tcprewrite editor for editing and replaying PCAP files allows an attacker to cause a service failure.

The vulnerability in the read_hexstring function of the tcprewrite tool for editing and replaying PCAP files involves pointer manipulation. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

7.8 CVSS, 7.1 AI score, 0.01468 EPSS
Exploits 1, References 5, Affected Software 2

BDU FSTEC
added 2025/01/31 12:0 a.m., 5 views

A vulnerability in the parse_list() function of the tcpprep editor for processing PCAP files, as well as in the Tcpreplay tool for editing and replaying PCAP files, allows an attacker to cause a service failure.

The vulnerability in the parse_list function of the tcpprep utility for editing and replaying PCAP files lies in pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

7.8 CVSS, 7.1 AI score, 0.01468 EPSS
Exploits 1, References 5, Affected Software 2

CNNVD
added 2025/01/31 12:0 a.m., 6 views

CTFd security vulnerability

CTFd is a Capture The Flag framework open-sourced by CTFd. A security vulnerability exists in CTFd version 3.7.5 that stems from a failure to properly validate or sanitize the Host header, which could lead to a phishing attack, password reset, or cache poisoning...

6.1 CVSS, 6.7 AI score, 0.00285 EPSS
Exploits 0, References 3

Positive Technologies
added 2025/01/28 12:0 a.m., 3 views

PT-2025-1875

Name of the Vulnerable Software and Affected Versions: HP (affected versions not specified) Description: With access to the address book, an attacker could modify SMB/FTP settings, redirect scans, and possibly capture credentials. This requires enabled scan functions and printer access. Recommendatio...

8 CVSS, 8.1 AI score, 0.00573 EPSS
Exploits 0, References 38

Positive Technologies
added 2025/01/28 12:0 a.m., 3 views

PT-2025-1874

Name of the Vulnerable Software and Affected Versions: Xerox VersaLink Printers (affected versions not specified); Xerox VersaLink C7025 MFPs (affected versions not specified) Description: The issue allows authentication to be redirected to another server when accessing LDAP settings, potentially exposi...

8.7 CVSS, 7.9 AI score, 0.00918 EPSS
Exploits 0, References 34

Microsoft KB
added 2025/01/28 12:0 a.m., 5 views

January 28, 2025—KB5050081 (OS Build 19045.5440) Preview

January 28, 2025—KB5050081 (OS Build 19045.5440) Preview. 11/17/20: For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

7.1 AI score
Exploits 0

OSV
added 2025/01/27 10:15 p.m., 1 views

CVE-2024-54539

This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to capture keyboard events from the lock screen...

5.5 CVSS, 5.7 AI score
Exploits 0, References 3

CNNVD
added 2025/01/27 12:0 a.m., 3 views

Apple iOS and iPadOS security vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 18.3 and iPadOS version 18.3, which stems from an...

5.5 CVSS, 8.8 AI score, 0.00268 EPSS
Exploits 0, References 6

CNNVD
added 2025/01/27 12:0 a.m., 3 views

Apple iOS and Apple iPadOS security vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.3 and Apple iPadOS version 18.3, which originates from a malicious...

6.5 CVSS, 7.2 AI score, 0.00798 EPSS
Exploits 0, References 5

NVD
added 2025/01/16 9:15 p.m., 22 views

CVE-2025-23929

Missing Authorization vulnerability in wishfulthemes Email Capture & Lead Generation (email-capture-lead-generation) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Email Capture & Lead Generation: from n/a through <= 1.0.2...

4.3 CVSS, 0.00245 EPSS
Exploits 0, References 1

Cvelist
added 2025/01/16 8:7 p.m., 22 views

CVE-2025-23929 WordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in wishfulthemes Email Capture & Lead Generation (email-capture-lead-generation) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Email Capture & Lead Generation: from n/a through <= 1.0.2...

4.3 CVSS, 0.00245 EPSS
Exploits 0, References 1

Patchstack
added 2025/01/16 6:43 p.m., 4 views

WordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata in WordPress Plugin Email Capture & Lead Generation versions <= 1.0.2...

4.3 CVSS, 6.9 AI score, 0.00245 EPSS
Exploits 0, Affected Software 1

Positive Technologies
added 2025/01/16 12:0 a.m., 4 views

PT-2025-5208 · Wishfulthemes · Wishfulthemes Email Capture & Lead Generation

Name of the Vulnerable Software and Affected Versions: wishfulthemes Email Capture & Lead Generation versions 1.0.2 and earlier Description: The issue is related to a missing authorization vulnerability in wishfulthemes Email Capture & Lead Generation, which allows exploiting incorrectly configur...

4.3 CVSS, 9.4 AI score, 0.00245 EPSS
Exploits 0, References 4

Snyk
added 2025/01/14 7:40 p.m., 1 views

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict due to improper handling of newline characters in remote URLs. An attacker can capture credentials for another Git remote by crafting a malicious URL that manipulates newline interpretations between Git and the G...

8.2 CVSS, 7 AI score, 0.03148 EPSS
Exploits 0, References 2

NVD
added 2025/01/14 7:15 p.m., 26 views

CVE-2024-50338

Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format key=value. Git's documentation restricts the...

7.4 CVSS, 0.03148 EPSS
Exploits 0, References 8

OSV
added 2025/01/14 6:11 p.m., 4 views

CVE-2024-50338 Carriage-return character in remote URL allows malicious repository to leak credentials in Git Credential Manager

Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format key=value. Git's documentation restricts the...

7.4 CVSS, 9.1 AI score, 0.03148 EPSS
Exploits 0, References 10

Positive Technologies
added 2025/01/14 12:0 a.m., 9 views

PT-2025-2920

Name of the Vulnerable Software and Affected Versions: Git versions prior to v2.48.1; Git versions prior to v2.47.2; Git versions prior to v2.46.3; Git versions prior to v2.45.3; Git versions prior to v2.44.3; Git versions prior to v2.43.6; Git versions prior to v2.42.4; Git versions prior to v2.41.3; Git...

9 CVSS, 7.5 AI score, 0.25334 EPSS
Exploits 43, References 102

Positive Technologies
added 2025/01/11 12:0 a.m., 43 views

PT-2025-1920 · WordPress · The Coupon X: Discount Pop Up

Name of the Vulnerable Software and Affected Versions: The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress versions up to, and including, 1.3.5 Description: The issue is related to PHP Object Injection via deserialization of untrusted...

7.5 CVSS, 7.8 AI score, 0.0053 EPSS
Exploits 0, References 9

Positive Technologies
added 2025/01/10 12:0 a.m., 6 views

PT-2025-4828 · Redcap · Redcap

Name of the Vulnerable Software and Affected Versions: REDCap version 14.9.6 Description: A stored cross-site scripting (XSS) issue allows authenticated users to inject malicious scripts into the Survey field name of Survey. When a user receives the survey and clicks on the field name, it triggers...

6.1 CVSS, 5.2 AI score, 0.00273 EPSS
Exploits 0, References 5

CNNVD
added 2025/01/07 12:0 a.m., 7 views

CTFd security vulnerability

CTFd is a Capture The Flag framework open-sourced by CTFd. A security vulnerability exists in CTFd version 3.7.3, which stems from a vulnerability that allows an attacker to trigger a Regular Expression Denial of Service (ReDoS) by supplying a crafted string as an email address during registration...

7.5 CVSS, 6.6 AI score, 0.00707 EPSS
Exploits 0, References 3