Lucene search
K

13 matches found

NVD
NVD
added 2026/06/17 10:54 a.m.5 views

CVE-2026-46916

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite component: Quality Management Specs. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

8.8CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/07 7:0 a.m.36 views

CVE-2026-11455 FoundationAgents MetaGPT common.py check_cmd_exists command injection

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

5CVSS0.00936EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 4:38 p.m.8 views

Security Bulletin: Vulnerability in IBM's Common Cryptographic Architecture (CCA) (CVE-2025-13375)

Summary IBM Common Cryptographic Architecture CCA is used to interface with the IBM Hardware Security Module HSM. A security vulnerability exists that has a high confidentiality, integrity and availability impact on card and consuming applications. Vulnerability Details CVEID:CVE-2025-13375...

9.8CVSS6.1AI score0.00506EPSS
Exploits0Affected Software3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29559

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

6.5CVSS6.1AI score0.00719EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/20 10:16 p.m.5 views

CVE-2026-21990

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS7AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-14330

Malware in sbrugna...

8.5CVSS8.6AI score0.01348EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/25 3:4 p.m.36 views

CVE-2025-32432 Craft CMS Allows Remote Code Execution

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...

10CVSS9.9AI score0.99803EPSS
Exploits14References5
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.266 views

LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection

Exploit Title: LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection Google Dork: inurl:"/wp-json/learnpress/v1/" OR inurl:"/wp-content/plugins/learnpress/" OR "powered by LearnPress" AND "version 4.2.7" Date: Current Date, e.g., October 30, 2024 Exploit Author: Your Name or Username Vendor...

10CVSS9.6AI score0.61355EPSS
Exploits6
Circl
Circl
added 2024/12/06 4:4 p.m.6 views

GHSA-GPF4-VRRW-R8V7

creationtimestamp| type| source ---|---|--- 2024-12-06 16:04:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113606727044472926...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/11/01 9:39 p.m.12 views

GHSA-CWGG-57XJ-G77R changedetection.io Path Traversal

Summary When a WebDriver is used to fetch files source:file:///etc/passwd can be used to retrieve local system files, where the more traditional file:///etc/passwd gets blocked Details The root cause is the payload source:file:///etc/passwdpasses the regex here and also passes the check here wher...

6.9CVSS6.1AI score0.0229EPSS
Exploits0References6
NCSC
NCSC
added 2022/10/18 12:0 a.m.4 views

Vulnerabilities fixed in Mozilla Firefox and Firefox ESR

Mozilla has fixed several vulnerabilities in Firefox and Firefox ESR. A malicious party could potentially exploit the vulnerabilities to collect system data or cause a denial-of-service. To the vulnerability with attribute CVE-2022-42928, Mozilla assigns the impact 'High' and could lead to memory...

8.8CVSS7.1AI score0.0083EPSS
Exploits0
Packet Storm
Packet Storm
added 2008/03/26 12:0 a.m.84 views

linksys-bypass.txt

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...

10CVSS6.5AI score0.05164EPSS
Exploits10
securityvulns
securityvulns
added 2002/04/22 12:0 a.m.31 views

[UNIX] Suid Application Execution May Give Local Root

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion When was the last time you checked your server's security? How about a monthly report? http://www.AutomatedScanning.com - Know that you're...

7.4AI score
Exploits0
Rows per page
Query Builder