Lucene search
K

846 matches found

Patchstack
Patchstack
added 2026/06/03 8:47 a.m.10 views

WordPress Geo Mashup plugin <= 1.13.19 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Geo Mashup versions = 1.13.19...

8.5CVSS5.7AI score0.00332EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/02 8:12 a.m.15 views

WordPress GEO my WP plugin <= 4.5.5 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin GEO my WordPress versions = 4.5.5...

7.5CVSS5.9AI score0.00344EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/02 2:56 a.m.15 views

MAL-2026-5151 Malicious code in parsimonius (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a5ab85a46a37da928774b1885049b71d40d675c54683b13711f4e371d932394a Clone of a legitimate package with an added RAT running through a Telegram bot. It can e.g. exfiltrate env variables and execute remote commands. The malicious...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/02 2:56 a.m.15 views

Malicious code in parsimonius (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a5ab85a46a37da928774b1885049b71d40d675c54683b13711f4e371d932394a Clone of a legitimate package with an added RAT running through a Telegram bot. It can e.g. exfiltrate env variables and execute remote commands. The malicious...

6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/30 9:28 a.m.10 views

CVE-2026-9757

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/05/30 9:28 a.m.10 views

CVE-2026-9757 GEO my WP <= 4.5.5 - Unauthenticated SQL Injection via 'swlatlng' / 'nelatlng' Parameters

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/30 9:28 a.m.47 views

CVE-2026-9757 GEO my WP <= 4.5.5 - Unauthenticated SQL Injection via 'swlatlng' / 'nelatlng' Parameters

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS0.00344EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:4 a.m.9 views

md/raid10: fix divide-by-zero in setup_geo() with zero far_copies

...

5.5CVSS5.4AI score0.00128EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.17 views

SUSE CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without...

5.5CVSS6AI score0.00128EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 9:11 p.m.16 views

CVE-2026-46161

A flaw was found in the Linux kernel's md/raid10 module. This vulnerability allows a local user to trigger a divide-by-zero error within the setupgeo function by supplying a malformed layout parameter where the farcopies value is set to zero. Successful exploitation of this flaw can lead to a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.12 views

CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.5CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.5 views

UBUNTU-CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46161 md/raid10: fix divide-by-zero in setup_geo() with zero far_copies

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

0.00128EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.11 views

CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/28 9:36 a.m.10 views

EUVD-2026-32788

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.8AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:36 a.m.30 views

CVE-2026-46161

CVE-2026-46161 affects the Linux kernel md/raid10 code: setup_geo() may divide by zero when fc (far copies) is 0, since it derives geo-&gt;far_set_size from disks/fc without validating zero. The fix validates nc and fc after extraction and returns -1 if either is zero. Connected OSV entries show ...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.8 views

CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
NVD
NVD
added 2026/05/28 8:16 a.m.15 views

CVE-2026-7552

The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...

5.3CVSS0.00333EPSS
Exploits0References11
Patchstack
Patchstack
added 2026/05/28 7:29 a.m.16 views

WordPress GEO my WP plugin <= 4.5.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by ? in WordPress Plugin GEO my WordPress versions = 4.5.4...

5.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder