Lucene search
K

383 matches found

CNNVD
CNNVD
added 2026/02/09 12:0 a.m.9 views

PlaciPy 安全漏洞

PlaciPy is an open-source employment management system developed by Praskla Technology. It aims to simplify the employment processes for students, trainers, and administrators in educational institutions. Version 1.0.0 of PlaciPy contains a security vulnerability. This vulnerability arises from t...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.11 views

PlaciPy 安全漏洞

PlaciPy is an open-source employment management system developed by Praskla Technology. It aims to simplify the employment processes for students, trainers, and administrators in educational institutions. Version 1.0.0 of PlaciPy contains a security vulnerability. This vulnerability stems from th...

9.1CVSS5.8AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.8 views

PlaciPy 安全漏洞

PlaciPy is an open-source employment management system developed by Praskla Technology. It aims to simplify the employment processes for students, trainers, and managers in educational institutions. Version 1.0.0 of PlaciPy contains a security vulnerability. This vulnerability stems from the...

9.1CVSS5.8AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/08 12:30 a.m.6 views

EUVD-2026-5713

macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time passwo...

9.3CVSS5.7AI score0.00615EPSS
Exploits0References4
Wired Threat Level
Wired Threat Level
added 2026/02/05 8:28 p.m.4 views

ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are

ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that—and only got approved after DHS abandoned its own privacy rules...

5.4AI score
Exploits0
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.10 views

TP-Link Tapo C220 and TP-Link Tapo C520WS have security vulnerabilities

Both the TP-Link Tapo C220 and TP-Link Tapo C520WS are WiFi cameras produced by the Chinese company TP-Link. The TP-Link Tapo C220 v1 and TP-Link Tapo C520WS v2 have security vulnerabilities. These vulnerabilities stem from the fact that firmware updates terminate core services without verifying...

7.5CVSS5.8AI score0.00577EPSS
Exploits0References6
NVD
NVD
added 2026/01/26 10:15 p.m.7 views

CVE-2026-22696

dcap-qvl implements the quote verification logic for DCAP Data Center Attestation Primitives. A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral including qeidentity,...

9.3CVSS0.00208EPSS
Exploits0References1
CVE
CVE
added 2026/01/26 9:28 p.m.15 views

CVE-2026-22696

CVE-2026-22696 concerns the dcap-qvl library used for SGX/TDX quote verification. The issue is a gap in cryptographic verification where QE Identity collateral is fetched from PCCS but the QE Identity signature is not verified against its certificate chain, and QE Report policy checks are not enf...

9.3CVSS5.9AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.8 views

CVE-2025-1564

The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a users identity through the social login. This makes it possible for unauthenticated attackers to log in as any user, including administrator...

9.8CVSS6.8AI score0.00515EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/02 12:0 a.m.8 views

WordPress plugin Branda 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

9.8CVSS6.5AI score0.00541EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/29 9:12 p.m.9 views

CVE-2025-43017

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

8.5CVSS7AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/28 9:30 p.m.4 views

EUVD-2025-36557

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

8.5CVSS6.7AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2025/10/28 9:15 p.m.4 views

CVE-2025-43017

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

9.8CVSS5.8AI score0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/28 8:40 p.m.3 views

CVE-2025-43017 HP ThinPro 8.1 SP8 Security Updates

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

8.5CVSS6.8AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/28 8:40 p.m.7 views

CVE-2025-43017 HP ThinPro 8.1 SP8 Security Updates

HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities...

8.5CVSS0.00245EPSS
Exploits0References1
CVE
CVE
added 2025/10/28 8:40 p.m.14 views

CVE-2025-43017

HP ThinPro 8.1 has a vulnerability in its system management application where user identity verification can fail. Multiple sources (HP advisories and various CVE trackers) indicate the issue affects HP ThinPro 8.1 prior to SP8 and that HP released HP ThinPro 8.1 SP8 to mitigate potential vulnera...

9.8CVSS6.8AI score0.00245EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2025/10/14 11:55 a.m.3 views

Moving Beyond Awareness: How Threat Hunting Builds Readiness

Every October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone. Make ...

6.7AI score
Exploits0
Hacker One
Hacker One
added 2025/10/10 10:33 a.m.11 views

HackerOne: Lack of Validation in Reward Redemption Allows Unlimited Burp Suite License Abuse

A vulnerability was discovered in the reward redemption process of a points and rewards system. The vulnerability allowed an attacker to obtain multiple valid Burp Suite Pro licenses by using different email addresses, without any validation or verification tied to the user's account. The email...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2020-6288

Malware in sbrugna...

9.8CVSS9.2AI score0.00911EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-23605

Malware in sbrugna...

5.3CVSS5.5AI score0.00645EPSS
Exploits0References2
Rows per page
Query Builder