Lucene search
+L

1062 matches found

Patchstack
Patchstack
added 2026/02/03 4:26 a.m.8 views

WordPress Simple Locator plugin <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Simple Locator versions = 2.0.3...

6.4CVSS8.3AI score0.00345EPSS
Exploits0References1Affected Software1
Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.4 views

Benchmarking Large Language Models for Zero-Shot and Few-Shot Phishing URL Detection

The Uniform Resource Locator URL, introduced in a connectivity-first era to define access and locate resources, remains historically limited, lacking future-proof mechanisms for security, trust, or resilience against fraud and abuse, despite the introduction of reactive protections like HTTPS...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/26 12:0 a.m.4 views

TencentOS Server 3: python3.12 (TSSA-2026:0033)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0033 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.3CVSS6.9AI score0.00708EPSS
Exploits0References3
CVE
CVE
added 2026/01/19 7:42 p.m.18 views

CVE-2026-23846

CVE-2026-23846 — Tugtainer password exposure : Tugtainer (self-hosted Docker updater) before version 1.16.1 transmits passwords via URL query parameters instead of the HTTP request body. This enables passwords to be logged in server access logs and potentially exposed through browser history, Ref...

9.1CVSS5.5AI score0.00403EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/01/15 9:16 p.m.24 views

CVE-2026-1002

The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URI. The issue comes from an improper implementation of the C. rule of section 5.2.4 of RFC3986 and is fixed in Vert.x Core component used b...

6.9CVSS0.00343EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

MiracleLinux 8 : python3.12-3.12.12-1.el8_10 (AXSA:2026-013:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-013:01 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 cpython: python: cpython: Quadratic...

6.3CVSS6.8AI score0.00708EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

RHEL 10 : python3.12 (RHSA-2026:0353)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0353 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

4.3CVSS6.9AI score0.00353EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

RHEL 9 : python3.12 (RHSA-2026:0355)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0355 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

4.3CVSS6.9AI score0.00353EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : python3.12-3.12.12-1.el9_7 (AXSA:2025-11585:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11585:16 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding descriptio...

4.3CVSS6.9AI score0.00353EPSS
Exploits0References2
OSV
OSV
added 2026/01/10 4:16 a.m.5 views

UBUNTU-CVE-2026-22610

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

8.5CVSS6.4AI score0.00444EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.9 views

CVE-2023-4151

The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00645EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4476

The Locatoraid Store Locator WordPress plugin before 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.0042EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:48 a.m.12 views

CVE-2009-4948

Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.6 views

CVE-2022-0493

The String locator WordPress plugin before 2.5.0 does not properly validate the path of the files to be searched, allowing high privilege users such as admin to query arbitrary files on the web server via a path traversal vector. Furthermore, due to a flaw in the search, allowing a pattern to be...

4.9CVSS6.8AI score0.0136EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.10 views

CVE-2023-25709

Cross-Site Request Forgery CSRF vulnerability in Plainware Locatoraid Store Locator plugin = 3.9.11 versions...

8.8CVSS7AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.9 views

CVE-2023-50885

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14...

6.8CVSS8.6AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.8 views

CVE-2025-23519

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jas Saran G Web Pro Store Locator gwebpro-store-locator allows Reflected XSS.This issue affects G Web Pro Store Locator: from n/a through = 2.0.1...

7.1CVSS5.9AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.9 views

CVE-2025-23422

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in moaluko Store Locator store-locator allows PHP Local File Inclusion.This issue affects Store Locator: from n/a through = 3.98.10...

7.5CVSS7.2AI score0.00601EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/08 2:45 p.m.8 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3CVSS6.2AI score0.00353EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/01/08 2:45 p.m.8 views

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

4.3CVSS6.6AI score0.00353EPSS
Exploits0References2
Rows per page
Query Builder