Lucene search
+L

319 matches found

SUSE Linux
SUSE Linux
added 2025/10/24 3:35 p.m.2 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: fixed input sanitisation in Viridian hypercalls XSA-475, bsc1251271 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

6.8CVSS7AI score0.00347EPSS
Exploits0References6
OSV
OSV
added 2025/10/24 3:35 p.m.2 views

SUSE-SU-2025:3793-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58147, CVE-2025-58148: fixed input sanitisation in Viridian hypercalls XSA-475, bsc1251271...

7.5CVSS7AI score0.00347EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-11888

Malware in sbrugna...

6.1CVSS6.2AI score0.00917EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-25141

Malware in sbrugna...

9CVSS8.6AI score0.0432EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-29296

Malware in sbrugna...

9CVSS8.6AI score0.01697EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-11147

Malware in sbrugna...

6.1CVSS6.1AI score0.01749EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-43733

Malicious code in bioql PyPI...

6.1CVSS7AI score0.00458EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/03 6:42 a.m.12 views

CVE-2025-9697

The Ajax WooSearch WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS7.6AI score0.00337EPSS
Exploits0References1
Xen Project
Xen Project
added 2025/09/09 12:0 p.m.14 views

XAPI UTF-8 string handling

ISSUE DESCRIPTION There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the...

9.4CVSS6.8AI score0.00137EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.5 views

CVE-2023-1596

The tagDiv Composer WordPress plugin before 4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00506EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:55 a.m.6 views

CVE-2023-0603

The Sloth Logo Customizer WordPress plugin through 2.0.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

8.8CVSS7.5AI score0.13871EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.6 views

CVE-2022-1241

The Ask me WordPress theme before 6.8.2 does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues...

6.1CVSS6.2AI score0.00757EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:24 p.m.3 views

CVE-2022-3925

The buddybadges WordPress plugin through 1.0.0 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users...

7.2CVSS7.3AI score0.00964EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:4 p.m.13 views

CVE-2021-37350

Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation...

9.8CVSS7.9AI score0.7925EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:21 p.m.11 views

CVE-2021-24233

The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an arbitrary attribute...

6.1CVSS6.3AI score0.01749EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:24 p.m.10 views

CVE-2021-24505

The Forms WordPress plugin before 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting XSS vulnerability within the Forms "Add new" field...

5.4CVSS5.3AI score0.0062EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.10 views

CVE-2021-24326

The tab parameter of the settings page of the All 404 Redirect to Homepage WordPress plugin before 1.21 was vulnerable to an authenticated reflected Cross-Site Scripting XSS issue as user input was not properly sanitised before being output in an attribute...

5.4CVSS5.7AI score0.0062EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:13 p.m.9 views

CVE-2020-8429

The Admin web application in Kinetica 7.0.9.2.20191118151947 does not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. The logFile parameter in the getLogs...

9CVSS7.5AI score0.01697EPSS
Exploits1References1
OSV
OSV
added 2025/05/15 8:15 p.m.5 views

CVE-2024-6712

The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS5.8AI score0.00152EPSS
Exploits1References1
OSV
OSV
added 2025/04/02 5:3 p.m.40 views

DRUPAL-CONTRIB-2025-029

This module enables you to obfuscate email addresses, to avoid them being easily available to spammers. The module doesn't sufficiently sanitise input when ROT13 encoding is used. This vulnerability is mitigated by the fact that an attacker must have a role with the ability to enter specific HTML...

5.4CVSS6.6AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder