Lucene search
K

57 matches found

Microsoft Security Update
Microsoft Security Update
added 2 days ago4 views

2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5102205)

2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5102205...

6.1AI score
Exploits0
CVE
CVE
added 2026/06/25 1:12 p.m.16 views

CVE-2026-57429

CVE-2026-57429 is associated with the WordPress plugin Slim SEO (versions ≤ 4.6.2). The vulnerability is described as Broken Access Control in the available connected documents (Patchstack listing and CVE records). Public details in the connected sources confirm the affected software/component an...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/25 8:14 a.m.6 views

WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Slim SEO versions = 4.6.2...

6.5CVSS5.8AI score0.00248EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/22 2:16 p.m.8 views

CVE-2025-32747

Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.8CVSS0.0009EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 1:52 p.m.24 views

CVE-2025-32751

Dell PowerFlex Manager, versions =4.6.2, contains an Insecure Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to sensitive information...

5.5CVSS0.00102EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 1:2 p.m.32 views

CVE-2025-32747

Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

5.3CVSS0.0009EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 2:48 p.m.9 views

EUVD-2026-30301

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...

9CVSS6AI score0.00312EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2026/05/12 12:0 a.m.22 views

May 12, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5088860)

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
NVD
NVD
added 2026/03/07 6:16 a.m.15 views

CVE-2026-30828

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

8.7CVSS0.00533EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/07 5:40 a.m.34 views

CVE-2026-30841 Wallos: Reflected XSS via unescaped token and email parameters in passwordreset.php

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, passwordreset.php outputs $GET"token" and $GET"email" directly into HTML input value attributes using and without calling htmlspecialchars. This allows reflected XSS by breaking out of the attribute...

6.9CVSS0.00283EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/07 5:39 a.m.6 views

EUVD-2026-10120

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in notification testers. This issue has been patched in version 4.6.2...

8.8CVSS5.7AI score0.00497EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/07 5:27 a.m.42 views

CVE-2026-30828 Wallos: SSRF via url parameter leading to File Traversal

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

8.7CVSS0.00533EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/07 5:27 a.m.5 views

CVE-2026-30828

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

8.7CVSS5.7AI score0.00533EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/03/07 5:27 a.m.7 views

EUVD-2026-10116

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

8.7CVSS5.7AI score0.00533EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/14 8:23 p.m.6 views

CVE-2026-0961

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

6.5CVSS5.6AI score0.00174EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/12/05 12:0 a.m.5 views

OPENSUSE-SU-2025:15799-1 libwireshark19-4.6.2-1.1 on GA media

These are all security issues fixed in the libwireshark19-4.6.2-1.1 package on the GA media of openSUSE Tumbleweed...

5.5CVSS5.8AI score0.00132EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/10/27 12:0 a.m.11 views

CVE-2025-54965

An XSS issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not properly sanitize the job ID parameter before using it in the job status page. An attacker who is able to social engineer a user into clicking a malicious link may be able to execute arbitrary...

0.00184EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2025/10/14 12:0 a.m.11 views

October 14, 2025-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5066748)

None None...

8.8CVSS7AI score0.02262EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.4 views

Flask App Builder 输入验证错误漏洞

Flask App Builder is a simple and fast application development framework by Daniel Vaz Gaspar Personal Developer. An input validation error vulnerability exists in Flask App Builder versions prior to 4.6.2, which stems from an unvalidated host header and could lead to an open redirect...

6.1CVSS6.3AI score0.00191EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/04 12:0 a.m.11 views

PT-2025-1800 · WordPress · Wp Social Autoconnect

Name of the Vulnerable Software and Affected Versions: WP Social AutoConnect plugin for WordPress versions up to, and including, 4.6.2 Description: The issue is due to missing or incorrect nonce validation on a function, making it possible for unauthenticated attackers to inject malicious web...

6.1CVSS9.4AI score0.00191EPSS
Exploits0References10
Rows per page
Query Builder