Lucene search
K

437 matches found

BDU FSTEC
BDU FSTEC
added 2025/03/19 12:0 a.m.9 views

The vulnerability of the nft_mapelem_deactivate() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the nftmapelemdeactivate function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux operating system is related to improper memory release. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS6.2AI score0.00262EPSS
Exploits0References15Affected Software2
RedHat Linux
RedHat Linux
added 2025/03/10 10:52 a.m.3 views

kernel: leds: trigger: Unregister sysfs attributes before calling deactivate()

leds in linux kernel permits calling sysfs attributes show/store functions after deactivate has been called...

7.8CVSS7.1AI score0.00249EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/03/07 2:39 a.m.10 views

SUSE CVE-2024-58061

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARNON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugf...

5.5CVSS7.7AI score0.0017EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2025/02/06 4:28 p.m.3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail: run-tests.sh testcases/sets/0044intervaloverlap0 Expected: 0-2 . 0-3, got: W: FAILED ./testcases/sets/0044intervaloverlap0: got 1 Insertion...

6.2CVSS7.8AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 10:15 a.m.13 views

CVE-2023-52925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail: run-tests.sh testcases/sets/0044intervaloverlap0 Expected: 0-2 . 0-3, got: W: FAILED ./testcases/sets/0044intervaloverlap0: got 1 Insertion...

6.2CVSS0.00203EPSS
Exploits0References5
OSV
OSV
added 2025/02/01 4:15 a.m.6 views

CVE-2024-13651

The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdeactivate function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with...

4.3CVSS7.3AI score0.00281EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/01 12:0 a.m.9 views

WordPress plugin RapidLoad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8.6AI score0.00281EPSS
Exploits0References2
CVE
CVE
added 2025/01/14 7:5 a.m.130 views

CVE-2024-12006

CVE-2024-12006 concerns the W3 Total Cache WordPress plugin. The Red Hat advisory confirms the root cause: a missing capability check in multiple functions, affecting all versions up to and including 2.8.1. This flaw allows unauthenticated users to modify data by deactivating the plugin and by ac...

5.3CVSS5.2AI score0.00487EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/01/08 9:15 a.m.4 views

CVE-2024-12855

The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sbremovead' in all versions up to, and including, 5.1.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

5.4CVSS5.8AI score0.00267EPSS
Exploits0References2
NVD
NVD
added 2025/01/02 12:15 p.m.7 views

CVE-2023-46188

Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3...

4.3CVSS0.00411EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 11:59 a.m.9 views

CVE-2023-46188 WordPress Freesoul Deactivate Plugins plugin <= 2.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3...

4.3CVSS8.5AI score0.00411EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 11:59 a.m.17 views

CVE-2023-46188 WordPress Freesoul Deactivate Plugins plugin <= 2.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins – Plugin manager and cleanup: from n/a through 2.1.3...

4.3CVSS0.00411EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.4 views

WordPress plugin Freesoul Deactivate Plugins 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.8AI score0.00411EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.7 views

PT-2025-1505 · Unknown · Freesoul Deactivate Plugins

Name of the Vulnerable Software and Affected Versions: Freesoul Deactivate Plugins – Plugin manager and cleanup versions 2.1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Thi...

4.3CVSS9.4AI score0.00411EPSS
Exploits0References3
OSV
OSV
added 2024/12/14 7:15 a.m.3 views

CVE-2024-11713

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'pageid' parameter of the wpjobportaldeactivate function in all versions up to, and including, 2.2.2 due to insufficient escaping on the user supplied...

4.9CVSS5.8AI score0.0046EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/14 12:0 a.m.5 views

WordPress plugin WP Job Portal SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

4.9CVSS8.8AI score0.0046EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/14 12:0 a.m.4 views

PT-2024-17203 · WordPress · Wp Job Portal

Name of the Vulnerable Software and Affected Versions: WP Job Portal plugin for WordPress versions up to, and including, 2.2.2 Description: The issue is related to SQL Injection via the page id parameter of the wpjobportal deactivate function due to insufficient escaping on the user-supplied...

4.9CVSS7.8AI score0.0046EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.4 views

PT-2024-16598 · WordPress · The Popup Box – Create Countdown

Name of the Vulnerable Software and Affected Versions: The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress versions up to, and including, 4.9.7 Description: The issue is related to a missing capability check on the deactivate plugin option function, which...

5.3CVSS9.5AI score0.00378EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.6 views

WordPress plugin Styler for Ninja Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS8.1AI score0.00398EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/12 4:4 p.m.7 views

WordPress Styler for Ninja Forms plugin <= 3.3.4 - Authenticated (Subscriber+) Arbitrary Option Deletion via deactivate_license vulnerability

Authenticated Subscriber+ Arbitrary Option Deletion via deactivatelicense vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Styler for Ninja Forms versions = 3.3.4...

6.5CVSS7AI score0.00398EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder