Lucene search
K

3667 matches found

Nuclei
Nuclei
added yesterday19 views

ListingPro < 2.6.1 - Sensitive Data Disclosure

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the /listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email...

5.3CVSS6.2AI score0.01608EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday185 views

Jms Blog - SQL Injection

The module Jms Blog jmsblog from Joommasters contains a Time Based SQL injection vulnerability. This module is for the PrestaShop e-commerce platform and mainly provided with joommasters PrestaShop themes id: CVE-2023-27034 info: name: Jms Blog - SQL Injection author: MaStErChO severity: critical...

9.8CVSS7.1AI score0.58743EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday57 views

Edito CMS - Sensitive Data Leak

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthorized user. id: CVE-2024-4836 info: name: Edito CMS - Sensitive Data Leak author: s4e-io severity: high description: | Web...

7.5CVSS6.1AI score0.02651EPSS
Exploits0References3
NVD
NVD
added 4 days ago6 views

CVE-2026-12918

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00319EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/02 8:42 a.m.8 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 10:22 p.m.20 views

CVE-2026-14408

CVE-2026-14408 affects Google Chrome Dawn prior to 150.0.7871.46, with an uninitialized use in Dawn allowing a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. The vulnerability’s impact is described as information disclosure (Medium severity)...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00185EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14396

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00247EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00263EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/07/01 10:20 p.m.6 views

CVE-2026-53467

A flaw was found in ImageMagick. The MNG decoder in ImageMagick contains a heap information disclosure vulnerability. This flaw could allow an attacker to potentially access sensitive information from memory due to parts of image pixels being left unchanged during processing. This could lead to...

5.3CVSS5.6AI score0.00197EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 4:13 p.m.6 views

EUVD-2026-41061

Guardian language-system passes the name GET parameter directly into an unsanitized SQL query in designer.php line 124: SELECT FROM complex WHERE name='".$GET'name'."'. An authenticated attacker can perform error-based SQL injection to extract database contents...

9.8CVSS5.8AI score0.00373EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-14019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS6.2AI score0.00238EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromiu...

6.5CVSS6.2AI score0.00299EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-14146

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00264EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-14112

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.3CVSS0.00218EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14100

Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14100

Insufficient data validation in NetworkCache in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00229EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14050

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00247EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-14019

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.2 views

DEBIAN-CVE-2026-13833

Uninitialized Use in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00289EPSS
Exploits0References1
Rows per page
Query Builder