Lucene search
K

11 matches found

Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-55886 Jodit Editor: Prototype Pollution in Jodit via Jodit.modules.Helpers.set()

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. Versions prior to 4.12.26 are vulnerable to Prototype Pollution through Jodit.modules.Helpers.setchain, value, obj, which walks the dot-separated chain, creating and following each path segment...

6.3CVSS0.00315EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.13 views

CVE-2025-68045

CVE-2025-68045 concerns the WordPress WP Event Solution plugin, affected versions

7.5CVSS5.1AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.7 views

Joomla VirtueMart Shopping-Cart 跨站脚本漏洞

Joomla VirtueMart Shopping-Cart is an open-source e-commerce shopping cart and online store management extension for VirtueMart. Version 4.0.12 of Joomla VirtueMart Shopping-Cart contains a cross-site scripting vulnerability, which stems from improper handling of the keyword parameter. This...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/04 10:51 p.m.5 views

ZITADEL: Login V2 UI Policy Bypass Allows Unauthorized Self-Registration and Authentication

Summary A vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password even if corresponding options were disabled in their organizaton. Impact Zitadel enables administrators to configure their...

8.2CVSS5.9AI score0.00312EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2025/12/11 12:21 a.m.30 views

CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...

5.7CVSS0.00226EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 8:15 a.m.6 views

CVE-2021-22281

: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2023/11/18 10:15 p.m.2 views

CVE-2023-47551

Cross-Site Request Forgery CSRF vulnerability in RedNao Donations Made Easy – Smart Donations.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12...

8.8CVSS7.3AI score0.00286EPSS
Exploits0References1
NCSC
NCSC
added 2021/02/18 12:0 a.m.5 views

Vulnerability fixed in Xen

The developers of the Xen hypervisor have fixed a vulnerability fixed. A local malicious party within a guest system could potentially exploit the vulnerability potentially exploit it to cause a denial-of-service cause on the host or to obtain elevated privileges. Versions of Xen equal to or high...

6.5AI score
Exploits0
OSV
OSV
added 2020/06/29 6:20 p.m.5 views

OPENSUSE-SU-2020:0914-1 Security update for squid

This update for squid fixes the following issues: squid was updated to version 4.12 Security issue fixed: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake bsc1173304. Other issues addressed: - Reverted to slow search for new SMP s...

6.5CVSS7.2AI score0.04408EPSS
Exploits0References3
CNVD
CNVD
added 2019/12/12 12:0 a.m.4 views

Xen Denial of Service Vulnerability (CNVD-2020-07294)

Xen is an open source virtual machine monitor product. A denial of service vulnerability exists in Xen 4.12. and earlier versions. The vulnerability stems from improper handling of certain bit iterations. An attacker could exploit this vulnerability to cause a denial of service...

6.5CVSS8.6AI score0.00378EPSS
Exploits0References1
OSV
OSV
added 2017/01/10 3:59 p.m.4 views

UBUNTU-CVE-2016-6830

The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases o...

9.8CVSS7.4AI score0.02148EPSS
Exploits0References4
Rows per page
Query Builder