CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2025/11/06 12:0 a.m.•5 views

WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.4AI score0.01165EPSS

Exploits0References1

Tenable Nessus•added 2025/11/06 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990463)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990463 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator Why & How Check whether assigned timi...

5.5CVSS5.9AI score0.0024EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990099 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORDSZ The commit referenced in...

5.5CVSS5.6AI score0.00226EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989407 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator Why & How Check whether assigned timi...

5.5CVSS5.9AI score0.0024EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989865)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989865 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator Why & How Check whether assigned timi...

5.5CVSS5.9AI score0.0024EPSS

Fedora•added 2025/11/03 1:7 a.m.•5 views

[SECURITY] Fedora 42 Update: openapi-python-client-0.26.2-4.fc42

The openapi-python-client is a powerful tool designed to generate modern Python clients from OpenAPI 3.0+ documents supporting both synchronous and asynchronous HTTP requests. It automates the creation of Python classes and methods that correspond to the endpoints and schema defined in your OpenA...

8.1CVSS6.9AI score0.00688EPSS

Exploits1

Fedora•added 2025/11/03 1:2 a.m.•6 views

[SECURITY] Fedora 41 Update: openapi-python-client-0.24.3-2.fc41

8.1CVSS6.9AI score0.00688EPSS

Exploits1

AstraLinux•added 2025/11/01 10:54 a.m.•3 views

Astra Linux – Vulnerability in pgagent

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator was used when generating the directory name, which allows a local attacker to pre-create the directory a...

7.1CVSS5.4AI score0.00171EPSS

EUVD•added 2025/11/01 3:30 a.m.•3 views

EUVD-2025-37408

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnectaccountrequest function in all versions up to, and including, 3.5.1. This makes i...

5.3CVSS4.7AI score0.00249EPSS

Exploits0References5

NVD•added 2025/11/01 2:15 a.m.•4 views

CVE-2025-11816

5.3CVSS0.00249EPSS

Cvelist•added 2025/11/01 1:47 a.m.•5 views

CVE-2025-11816 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect

5.3CVSS0.00249EPSS

CVE•added 2025/11/01 1:47 a.m.•19 views

CVE-2025-11816

CVE-2025-11816 concerns the WP Legal Pages (Privacy Policy Generator, Terms & Conditions Generator) WordPress plugin. Wordfence reports that all versions up to and including 3.5.1 are vulnerable due to a missing capability check in disconnect_account_request(), enabling unauthenticated attackers ...

5.3CVSS4.8AI score0.00249EPSS

Positive Technologies•added 2025/11/01 12:0 a.m.•2 views

PT-2025-44696

Name of the Vulnerable Software and Affected Versions WP Legal Pages versions prior to 3.5.2 Description The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin: WP Legal Pages is susceptible to unauthorized data modification. This is due to a missing capability check within t...

5.3CVSS6.3AI score0.00249EPSS

Exploits0References11

Mageia•added 2025/10/31 11:36 p.m.•6 views

Updated bind packages fix security vulnerabilities

Resource exhaustion via malformed DNSKEY handling CVE-2025-8677. Cache poisoning attacks with unsolicited RRs CVE-2025-40778. Cache poisoning due to weak PRNG CVE-2025-40780...

8.6CVSS7AI score0.1096EPSS

Exploits1References2

OSSF Malicious Packages•added 2025/10/30 5:38 p.m.•3 views

Malicious code in generator-epic-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7ce6d820d3b2380b3b4cba48d41e31b26d0fc74dd18635e0e01ad7a94c8ba0f The package generator-epic-react was found to contain malicious code...

7AI score

EUVD•added 2025/10/30 5:38 p.m.•2 views

EUVD-2025-37069

Malicious code in generator-epic-react npm...

6.6AI score

OSV•added 2025/10/30 5:38 p.m.•2 views

MAL-2025-49224 Malicious code in generator-epic-react (npm)

7AI score