Lucene search
K

533 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Gambio 安全漏洞

Gambio is an integrated e-commerce solution developed by the Gambio company. Version Gambio 4.9.2.0 contains a security vulnerability. This vulnerability arises from the possibility of bypassing the password reset function; as long as the ID is known, any password for any account can be set...

9.1CVSS5.8AI score0.00256EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/01 2:45 p.m.6 views

WordPress Simple Link Directory plugin <= 8.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Simple Link Directory versions = 8.9.2...

6.4CVSS5.8AI score0.00195EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/01 9:33 a.m.8 views

WordPress AEH Speed Optimization: Browser Cache, Optimized Minify, Lazy Loading & Image Optimization plugin <= 2.9.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Add Expires Headers & Optimized Minify versions = 2.9.2...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 4:51 p.m.10 views

CVE-2026-41411

Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the filena...

6.6CVSS5.4AI score0.00501EPSS
Exploits0
Packet Storm
Packet Storm
added 2026/04/24 12:0 a.m.156 views

📄 NLTK 3.9.2 Path Traversal / File Disclosure

NLTK version 3.9.2 suffers from a path traversal vulnerability that allows for file disclosure. ================================================================================================================================== | Title : NLTK 3.9.2 Path Traversal - File Disclosure Exploit | | Auth...

8.6CVSS5.4AI score0.00924EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-37159

Name of the Vulnerable Software and Affected Versions pgx versions prior to 5.9.2 Description SQL injection can occur when the non-default simple protocol is used in conjunction with a dollar quoted string literal in the SQL query. If that string literal contains text that would be interpreted as...

9.8CVSS5.8AI score0.00356EPSS
Exploits0References271
EUVD
EUVD
added 2026/04/21 9:31 p.m.6 views

EUVD-2026-24309

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

5.4CVSS5.7AI score0.00169EPSS
Exploits0References2
NVD
NVD
added 2026/04/21 9:16 p.m.7 views

CVE-2026-34301

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft component: Work Order Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS0.00261EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.7 views

CVE-2026-22019

Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft component: Person Search. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise H...

5.4CVSS0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.5 views

CVE-2026-34295

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.8 views

CVE-2026-34280

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Job Profile Manager. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS5.7AI score0.00373EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.6 views

CVE-2026-22019

Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft component: Person Search. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise H...

5.4CVSS5.7AI score0.00152EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

Oracle PeopleSoft Enterprise FIN Contracts 安全漏洞

Oracle PeopleSoft Enterprise FIN Contracts is an enterprise contract financial management system developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise FIN Contracts contains a security vulnerability. This vulnerability stems from issues with the Contracts component, which m...

6.5CVSS7.2AI score0.00291EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/16 7:46 p.m.8 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/11 3:30 a.m.3 views

EUVD-2026-21660

The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS6AI score0.00372EPSS
Exploits0References6
Atlassian
Atlassian
added 2026/04/10 10:29 p.m.24 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in version 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, 10.2.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.0064EPSS
Exploits1
EUVD
EUVD
added 2026/04/10 12:30 a.m.3 views

EUVD-2026-21193

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.8AI score0.00264EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/09 9:33 p.m.3 views

CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.7AI score0.00264EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.9 views

Juniper Junos OS Vulnerability (JSA107822)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107822 advisory. - net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX of...

8.8CVSS6.2AI score0.01299EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/06 3:16 p.m.39 views

CVE-2026-34982 Vim modeline bypass via various options affects Vim < 9.2.0276

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS0.0047EPSS
Exploits0References3
Rows per page
Query Builder