Lucene search
K

118 matches found

CNNVD
CNNVD
added 2025/11/11 12:0 a.m.4 views

WordPress plugin WP Count Down Timer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site...

6.4CVSS5.9AI score0.00211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/10 1:27 p.m.4 views

CVE-2025-64686

...

6.3AI score0.00005EPSS
Exploits0
Cvelist
Cvelist
added 2025/10/28 1:23 p.m.6 views

CVE-2025-12390 Org.keycloak.protocol.oidc.endpoints.logoutendpoint: offline session takeover due to reused authentication session id

A flaw was found in Keycloak. In Keycloak where a user can accidentally get access to another user's session if both use the same device and browser. This happens because Keycloak sometimes reuses session identifiers and doesn’t clean up properly during logout when browser cookies are missing. As...

6CVSS0.00128EPSS
Exploits0References7
OSV
OSV
added 2025/10/27 6:15 p.m.2 views

UBUNTU-CVE-2025-61795

Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...

5.3CVSS7.1AI score0.01139EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.3 views

ThingsBoard 安全漏洞

ThingsBoard is a Java-based platform for IOT devices for monitoring, management, and data collection by the ThingsBoard team. A security vulnerability exists in ThingsBoard versions prior to 4.2.1, which stems from insufficient cleanup of uploaded SVG files and improper validation of content type...

6.2CVSS5.9AI score0.00345EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/10/16 9:22 a.m.61 views

CVE-2025-6338 Possible denial of service with multiple incoming connections to a Schannel based server with a TLS backend

There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2...

9.2CVSS0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.4 views

WordPress plugin External Login 信息泄露漏洞

The WordPress External Login plugin is mainly used to integrate WordPress login functionality with an external database system, allowing users to log in to the site directly through an external account. An information disclosure vulnerability exists in the WordPress External Login plugin, which...

4.3CVSS6.6AI score0.00245EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-5820

Malware in sbrugna...

5.6CVSS6.9AI score0.00277EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/10/05 2:55 a.m.4 views

SUSE CVE-2023-53594

In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in deviceadd When calling kobjectadd failed in deviceadd, it will call cleanupgluedir to free resource. But in kobjectadd, dev-kobj.parent has been set to NULL. This will cause resource leak. The...

5.5CVSS6.5AI score0.00135EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-24697

Malicious code in bioql PyPI...

1.9CVSS6.4AI score0.00096EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.4 views

Vulnerability-Lookup 跨站脚本漏洞

Vulnerability-Lookup is an open source Vulnerability-Lookup platform for managing disclosure of vulnerabilities. A cross-site scripting vulnerability exists in Vulnerability-Lookup version 2.16.0 that stems from insufficient cleanup of user input and could lead to a cross-site scripting attack...

6.4CVSS5.7AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/14 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-39750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath12k: Correct tid cleanup when tid setup fails Currently, if any error occurs during ath12kdprxpeertidsetup, the tid value is already incremented, even...

7.1CVSS7AI score0.00149EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.6 views

FreePBX 安全漏洞

FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A security vulnerability exists in FreePBX version 15.0.66 and versions prior to 17.0.3, which stems from...

10CVSS7.8AI score0.93286EPSS
Exploits21References3
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-28688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went t...

6.5CVSS6.7AI score0.00332EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.3 views

WordPress plugin WP Talroo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.1CVSS5.9AI score0.00236EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.4 views

Siemens多款产品 代码问题漏洞

Siemens SIMATIC STEP and others are products of Siemens, a German company. siemens SIMATIC STEP is a comprehensive engineering tool for configuring and programming SIMATIC controllers. siemens SIMATIC PCS neo is a distributed control system. siemens SIMATIC STEP 7 is a PLC program simulation...

8.6CVSS7AI score0.00153EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix slab-use-after-free Read in rxequeuecleanup bug Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x7d/0xa0 lib/dumpstack.c:120...

7.8CVSS6.8AI score0.00179EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.7 views

The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s Bluetooth kernel component is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

3.3CVSS6.2AI score0.00155EPSS
Exploits0References10Affected Software8
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.3 views

Citizen 跨站脚本漏洞

Citizen is a beautiful, easy-to-use and responsive MediaWiki skin from the Star Citizen Wiki team. A cross-site scripting vulnerability exists in Citizen versions prior to 1.9.4 through 3.4.0, which stems from a short description inserted by the ShortDescription extension that is not properly...

8.6CVSS5.8AI score0.003EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2025/06/19 3:44 a.m.3 views

SUSE CVE-2022-50008

In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarmkprobe for disabled kprobes The assumption in disablekprobe is wrong, and it could try to disarm an already disarmed kprobe and fire the WARNONCE below. 0 We can easily reproduce this issue. 1. Write 0 t...

5.5CVSS6.4AI score0.00208EPSS
Exploits0References10
Rows per page
Query Builder