Lucene search
K

30 matches found

Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-14800 imhamzaazam ecommerceFlask cross-site request forgery

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS0.00159EPSS
Exploits0References6
NVD
NVD
added 2026/05/17 1:16 p.m.20 views

CVE-2026-8755

A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function getallmodels of the file hiyoriUI.py of the component Model Handler. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has be...

7.5CVSS0.00611EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.14 views

PT-2026-30189

A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/20 5:2 p.m.5 views

CVE-2026-2851

A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\InportController.java of the component Inport...

6.5CVSS5.3AI score0.00199EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/23 12:0 a.m.30 views

PT-2025-47837

Name of the Vulnerable Software and Affected Versions ashraf-kabir travel-agency versions prior to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3 Description A security issue exists in ashraf-kabir travel-agency. The manipulation of the edit pack argument in the /admin area/index.php file leads to SQL...

7.2CVSS4.7AI score0.00334EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/11/17 9:7 a.m.18 views

CVE-2025-13208

A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. The impacted element is an unknown function of the file controller/api/hotelList.php. The manipulation of the argument subjectId/cityName results in sql injection. The attack can be...

6.5CVSS6.6AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/28 1:34 a.m.7 views

CVE-2025-12202

A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...

5.3CVSS6.3AI score0.00265EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.8 views

PT-2025-43760

Name of the Vulnerable Software and Affected Versions ajayrandhawa User-Management-PHP-MYSQL web affected versions not specified Description A security flaw exists in ajayrandhawa User-Management-PHP-MYSQL web. The issue involves cross-site request forgery, allowing remote attackers to perform...

5.3CVSS6.3AI score0.00265EPSS
Exploits1References6
CVE
CVE
added 2025/08/21 4:32 p.m.19 views

CVE-2025-9310

The CVE-2025-9310 entry concerns yeqifu carRental (Druid component) with vulnerability in an unknown function of the file /carRental_war/druid/login.html. The issue can lead to hard-coded credentials and is exploitable remotely; the exploit has been publicly disclosed. There are no version detail...

7.5CVSS7.1AI score0.00528EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2025-2353 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: A CVE record was rejected due to non-usage, following CNA rules. No information is provided about the issue itself, including general details or potential impacts...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.4 views

PT-2024-35842 · Unknown · Rohit Harsh Fence Url

Name of the Vulnerable Software and Affected Versions: Rohit Harsh Fence URL versions n/a through 2.0.0 Description: The issue is related to improper neutralization of input during web page generation, leading to a Stored Cross-Site Scripting XSS vulnerability. This allows for Stored XSS attacks...

7.1CVSS7.9AI score0.0032EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.5 views

PT-2024-40625 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash reported by OSS-Fuzz, with a Segv on an unknown address. The crash state includes functions such as yara yyparse, yr lex...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.5 views

PT-2024-23842 · Plug&Track +1 · Sensor Net Connect V2 +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A CWE-79 issue allows malicious users to permanently inject arbitrary Javascript code, enabling cross-site scripting. This issue permits malicious users to inject code into web page...

8.8CVSS6.8AI score0.00315EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.5 views

PT-2024-19945 · Hcl · Hcl Dryice Optibot Reset Station

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE Optibot Reset Station affected versions not specified Description: The issue concerns insecure encryption of security questions in the HCL DRYiCE Optibot Reset Station. This could potentially allow an attacker with access to the...

6.5CVSS6.9AI score0.0015EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.5 views

PT-2024-13237 · Intel · Intel Power Gadget

Name of the Vulnerable Software and Affected Versions: IntelR Power Gadget software for Windows affected versions not specified Description: The issue is related to improper initialization in the IntelR Power Gadget software, which may allow an authenticated user to potentially enable denial of...

5.5CVSS6.7AI score0.00218EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.6 views

PT-2024-11064 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, specifically related to the ext4 file system. The fix addresses a check to prevent false positive reports of incorrect used inodes...

6.5AI score
Exploits0References15
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.8 views

PT-2023-18950 · Huawei · Honor

Name of the Vulnerable Software and Affected Versions: Honor products affected versions not specified Description: The issue is related to an out of bounds read vulnerability. Successful exploitation of this vulnerability could cause an information leak. Recommendations: At the moment, there is n...

6CVSS5.2AI score0.00169EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/11/21 12:0 a.m.8 views

PT-2023-31584 · Zephyrproject Rtos +1 · Zephyr

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue might be related to a possible variant of a problem in the function le ecred reconf req. Recommendations: At the moment, there is no information about a newer version that...

9.8CVSS9.3AI score0.00751EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.7 views

PT-2023-18480

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned. Description The issue involves memory corruption in a multi-mode call processor when processing a bit mask API. Recommendations At the moment, there is no information about a newer version that...

9.8CVSS9.1AI score0.00353EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.3 views

PT-2023-35943 · Git +1 · Pcre2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow WRITE 4 crash type. The crash state involves functions such as get grouplength and get branchlength. No...

6.9AI score
Exploits0References2
Rows per page
Query Builder