Lucene search
+L

854 matches found

Patchstack
Patchstack
added 2026/05/01 9:31 a.m.9 views

WordPress MapGeo – Interactive Geo Maps plugin <= 1.6.22 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Interactive Geo Maps versions = 1.6.22...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.4 views

CVE-2026-37554

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/01 12:0 a.m.7 views

EUVD-2026-26671

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.11 views

PT-2026-35277

Name of the Vulnerable Software and Affected Versions GeoVision GV-IP Device Utility version 9.0.5 Description Insufficient encryption in the Device Authentication functionality allows for the leakage of administrator credentials. When the utility sends privileged commands to devices over UDP...

9.3CVSS5.4AI score0.00186EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/04/22 7:22 a.m.6 views

CVE-2026-3517

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS6.2AI score0.18238EPSS
Exploits0References1
NVD
NVD
added 2026/04/20 2:16 p.m.8 views

CVE-2026-3517

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS0.18238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/20 1:22 p.m.5 views

CVE-2026-3517 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS6.4AI score0.18238EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/20 1:22 p.m.9 views

CVE-2026-3517

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

9.3CVSS6.2AI score0.18238EPSS
Exploits4References2Affected Software4
Cvelist
Cvelist
added 2026/04/20 1:22 p.m.138 views

CVE-2026-3517 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS0.18238EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

Progress LoadMaster 安全漏洞

Progress LoadMaster is a high-performance application delivery controller ADC and load balancer developed by the American company Progress. There is a security vulnerability in Progress LoadMaster, which stems from uncleaned input for the addcountry command. This vulnerability could allow...

8.4CVSS7.6AI score0.18238EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/16 11:53 a.m.11 views

WordPress Events Calendar for GeoDirectory plugin <= 2.3.25 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Events Calendar for GeoDirectory versions = 2.3.25...

5.8AI score0.00344EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.5 views

CVE-2026-39697

Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO – The new AI GEO / SEO tool: from n/a through = 6.2.8...

5.3CVSS5.1AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 9:31 p.m.7 views

EUVD-2026-21579

GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbound HTTP requests by providing a malicious URL via the docurl parameter during document upload...

5.3CVSS5.9AI score0.00222EPSS
Exploits0References4
OSV
OSV
added 2026/04/10 7:52 p.m.5 views

CVE-2026-39921 GeoNode < 4.4.5, 5.0.2 SSRF via Document Upload

GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbound HTTP requests by providing a malicious URL via the docurl parameter during document upload...

5.3CVSS6.1AI score0.00222EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.11 views

PT-2026-32033

GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability that allows authenticated users with document upload permissions to trigger arbitrary outbound HTTP requests by providing a malicious URL via the doc url parameter during document upload...

5.3CVSS5.9AI score0.00222EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/08 9:31 a.m.3 views

EUVD-2026-20394

Missing Authorization vulnerability in HBSS Technologies MAIO The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO The new AI GEO / SEO tool: from n/a through = 6.2.8...

5.9AI score0.00176EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.6 views

CVE-2026-39697

Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO – The new AI GEO / SEO tool: from n/a through = 6.2.8...

5.3CVSS0.00176EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.13 views

CVE-2026-39697

CVE-2026-39697 affects the WordPress plugin MAIO – The new AI GEO / SEO tool by HBSS Technologies, version range n/a through 6.2.8. The root cause is missing/incorrectly configured access control (broken access control) allowing unauthorized access due to insufficient authorization checks. Public...

5.3CVSS5.1AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.11 views

WordPress plugin MAIO – The new AI GEO / SEO tool 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.8 views

CVE-2026-32368

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

8.5CVSS5.9AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder