Lucene search
K

33 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.3 views

Malicious code in eslint-plugin-process-sails-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54131fa2d2dcc4b78de6cb5b6d09342e6dc5740aaa9fbbe5e0ec5cac6985a259 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-4845

Malware in sbrugna...

5CVSS6.4AI score0.01124EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-38912

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01392EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-3124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack ...

5.3CVSS6.2AI score0.06199EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/08/20 9:14 a.m.7 views

CVE-2025-57733

In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content...

5.5CVSS0.00261EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/08/30 4:58 a.m.2 views

Multiple vulnerabilities in WordPress plugin "Carousel Slider"

Overview WordPress plugin "Carousel Slider" provided by Sayful Islam contains 2 CSRF vulnerabilities listed below. Cross-site request forgery on Carousel image selection feature CWE-352 - CVE-2024-45269 Cross-site request forgery on Hero image selection feature CWE-352 - CVE-2024-45270 RyotaK of...

4.3CVSS6.5AI score0.00256EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/08/30 12:0 a.m.5 views

WordPress plugin Carousel Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS4.8AI score0.00256EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/02/12 12:0 a.m.5 views

The vulnerability of the ActivityPub plugin in the WordPress content management system allows attackers to perform unauthorized functions, modify or delete any content.

The vulnerability of the ActivityPub plugin in the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to perform unauthorized functions, modify or delete arbitrary content...

7.5CVSS7.8AI score0.00325EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/08/16 12:0 a.m.3 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

6.1CVSS6.2AI score0.00412EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2020/08/17 12:0 a.m.59 views

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC. An attacker who successfully exploited the vulnerability could run a specially crafted application on a...

10CVSS8.1AI score0.99512EPSS
In wildExploits75References18
OSV
OSV
added 2019/12/31 3:15 p.m.1 views

CVE-2019-12273

OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. NOTE: The product is self-hosted by the customer, even though it has a .outsystemsenterprise.com domain name. NOTE: The vendor claims that the independent researcher created the repo...

6.5CVSS6.6AI score0.00465EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/25 12:0 a.m.4 views

PHP Scripts Mall Readymade Job Site Script Cross Site Request Forgery Vulnerability

PHP Scripts Mall Readymade Job Site Script is a PHP based job site script by PHP Scripts Mall India. The script includes features like job management, profile management and email notifications. A cross-site request forgery vulnerability exists in PHP Scripts Mall Readymade Job Site Script. A...

8.8CVSS6.5AI score0.00505EPSS
Exploits1References1
Drupal
Drupal
added 2015/06/17 12:0 a.m.31 views

Apache Solr Real-Time - Critical - Access Bypass - SA-CONTRIB-2015-119

This module allows content-changes to be committed to Apache Solr in real-time. The module doesn't check the status of an entity being indexed which means that unpublished content will get indexed by Solr and the title and partial content may be exposed to any user who has permission to search si...

5CVSS6.1AI score0.01396EPSS
Exploits0References11
Rows per page
Query Builder