Lucene search
K

295 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987104 advisory. In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min...

5.5CVSS6AI score0.0021EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987205)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987205 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect flwalk with rcu Patch that refactored flwalk to use...

7.8CVSS5.9AI score0.00244EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2022-24456

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00552EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-39785

Malicious code in bioql PyPI...

7.8CVSS6.8AI score0.00532EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-30034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then acce...

8.6CVSS7.8AI score0.01339EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2025/09/04 12:13 a.m.4 views

net/sched: flower: Fix chain template offload

...

7.1CVSS7AI score0.00238EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect flwalk with rcu Patch that refactored flwalk to use...

7.8CVSS6.2AI score0.00244EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-35788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in flsetgeneveopt in net/sched/clsflower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier...

7.8CVSS6.8AI score0.00532EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-47592

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- ...

5.5CVSS5.6AI score0.00208EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/31 7:14 p.m.5 views

Malicious code in celery-flower (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/07/31 7:14 p.m.5 views

MAL-2025-6475 Malicious code in celery-flower (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/06/25 12:46 a.m.4 views

kernel: net/sched: flower: Fix chain template offload

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload The Linux kernel CVE team has assigned CVE-2024-26669 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024040237-CVE-2024-26669-ca3c@gregkh/T...

7.1CVSS6.7AI score0.00238EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.9 views

CVE-2022-30034

Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutting down Celery task nodes...

8.6CVSS7.1AI score0.01339EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:18 a.m.6 views

CVE-2019-16926

Flower 0.9.3 has XSS via a crafted worker name. NOTE: The project author stated that he doesn't think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has ful...

6.1CVSS5.7AI score0.00818EPSS
Exploits1References1
NVD
NVD
added 2024/12/04 8:15 a.m.10 views

CVE-2024-11769

The Flower Delivery by Florist One plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'flower-delivery' shortcode in all versions up to, and including, 3.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS0.0026EPSS
Exploits0References2
CVE
CVE
added 2024/12/04 7:32 a.m.51 views

CVE-2024-11769

CVE-2024-11769 – Flower Delivery by Florist One (WordPress) has a stored XSS vulnerability in the Flower Delivery shortcode (flower-delivery). According to connected sources, all versions up to and including 3.9 are affected due to insufficient input sanitization and output escaping on user-suppl...

6.4CVSS5.8AI score0.0026EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/04 7:32 a.m.15 views

CVE-2024-11769 Flower Delivery by Florist One <= 3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Flower Delivery by Florist One plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'flower-delivery' shortcode in all versions up to, and including, 3.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS0.0026EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.4 views

WordPress plugin Flower Delivery by Florist One 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

6.4CVSS7.4AI score0.0026EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.4 views

PT-2024-17245 · WordPress · The Flower Delivery By Florist One

Name of the Vulnerable Software and Affected Versions: Flower Delivery by Florist One plugin for WordPress versions up to and including 3.9 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'flower-delivery' shortcode due to insufficient input sanitization and outp...

6.4CVSS6.1AI score0.0026EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/12/03 10:1 p.m.3 views

WordPress Flower Delivery by Florist One plugin <= 3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Flower Delivery by Florist One versions = 3.9...

6.4CVSS5.7AI score0.0026EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder