Lucene search
+L

1062 matches found

RedHat Linux
RedHat Linux
added 2026/04/17 7:24 p.m.3 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/17 6:54 p.m.3 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References9
EUVD
EUVD
added 2026/04/16 9:31 a.m.6 views

EUVD-2025-209491

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'putwpgm' shortcode in all versions up to, and including, 4.8.7. This is due to insufficient input sanitization and output escaping on...

6.4CVSS5.9AI score0.00267EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/16 6:44 a.m.41 views

CVE-2025-13364 WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters <= 4.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'put_wpgm' Shortcode

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'putwpgm' shortcode in all versions up to, and including, 4.8.7. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00267EPSS
Exploits0References2
CVE
CVE
added 2026/04/16 6:44 a.m.19 views

CVE-2025-13364

CVE-2025-13364 affects the WordPress plugin “WP Maps – Store Locator, Google Maps, OpenStreetMap, Mapbox, Listing, Directory & Filters” up to version 4.8.7. The issue is a Stored Cross-Site Scripting (stored‑XSS) flaw caused by insufficient input sanitization and output escaping on user‑supplied ...

6.4CVSS5.9AI score0.00267EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 6:44 a.m.4 views

CVE-2025-13364

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'putwpgm' shortcode in all versions up to, and including, 4.8.7. This is due to insufficient input sanitization and output escaping on...

6.4CVSS5.9AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.11 views

WordPress plugin WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.8AI score0.00267EPSS
Exploits0References1
Amazon
Amazon
added 2026/04/14 12:0 a.m.11 views

Important: amazon-cloudwatch-agent

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

9.1CVSS7.3AI score0.01557EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/04/13 11:55 p.m.3 views

CVE-2026-34069 nimiq-consensus panics via RequestMacroChain micro-block locator

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References4
OSV
OSV
added 2026/04/13 11:55 p.m.4 views

CVE-2026-34069 nimiq-consensus panics via RequestMacroChain micro-block locator

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

5.3CVSS5.9AI score0.00297EPSS
Exploits0References6
CVE
CVE
added 2026/04/13 11:55 p.m.19 views

CVE-2026-34069

CVE-2026-34069 affects the Rust implementation of Nimiq’s PoS consensus (nimiq/core-rs-albatross). In versions 1.2.2 and earlier, an unauthenticated p2p peer can trigger a panic in the RequestMacroChain message handler when the first locator hash on the victim’s main chain is a micro block hash (...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/13 11:55 p.m.30 views

CVE-2026-34069 nimiq-consensus panics via RequestMacroChain micro-block locator

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

5.3CVSS0.00297EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/13 4:36 p.m.8 views

EUVD-2026-22160

nimiq-consensus panics via RequestMacroChain micro-block locator...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References4
OSV
OSV
added 2026/04/13 4:36 p.m.5 views

GHSA-48M6-486P-9J8P nimiq-consensus panics via RequestMacroChain micro-block locator

Impact An unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic by sending a RequestMacroChain message where the first locator hash that is on the victim’s main chain is a micro block hash not a macro block hash. In RequestMacroChain::handle, the handler selects t...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/13 4:36 p.m.10 views

nimiq-consensus panics via RequestMacroChain micro-block locator

Impact An unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic by sending a RequestMacroChain message where the first locator hash that is on the victim’s main chain is a micro block hash not a macro block hash. In RequestMacroChain::handle, the handler selects t...

5.3CVSS5.8AI score0.00297EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/13 2:29 a.m.8 views

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References2
Amazon
Amazon
added 2026/04/13 12:0 a.m.24 views

Medium: docker

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS7.3AI score0.00728EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/11 7:41 p.m.2 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/10 7:25 p.m.2 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References9
EUVD
EUVD
added 2026/03/30 6:31 p.m.9 views

EUVD-2026-17127

Smoothwall Express versions prior to 3.1 Update 13 contain a reflected cross-site scripting vulnerability in the /redirect.cgi endpoint due to improper sanitation of the url parameter. Attackers can craft malicious URLs with javascript: schemes that execute arbitrary JavaScript in victims' browse...

5.4CVSS6AI score0.00155EPSS
Exploits0References3
Rows per page
Query Builder