21 matches found

Tenable Nessus
added 2026/06/03 12:0 a.m. | 15 views

RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

9.2 CVSS | 6.1 AI score | 0.61469 EPSS
Exploits 40 | References 3
Fedora
added 2026/03/28 1:7 a.m. | 10 views

[SECURITY] Fedora 42 Update: htslib-1.23.1-1.fc42

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools...

8.8 CVSS | 5.8 AI score | 0.00373 EPSS
Exploits 0
Tenable Nessus
added 2026/03/05 12:0 a.m. | 3 views

AlmaLinux 9 : nginx:1.24 (ALSA-2026:3638)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3638 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

8.2 CVSS | 6.1 AI score | 0.00339 EPSS
Exploits 0 | References 3
CNNVD
added 2026/02/05 12:0 a.m. | 9 views

Edimax EW-7438RPn-v3 Mini Security Vulnerability

The Edimax EW-7438RPn-v3 Mini is a mini wireless signal extender produced by Edimax of Taiwan, China. Version 1.27 of the Edimax EW-7438RPn-v3 Mini contains a security vulnerability. This vulnerability allows unverified attackers to access the /wizardreboot.asp page, potentially leading to the...

8.7 CVSS | 5.8 AI score | 0.00709 EPSS
Exploits 1 | References 3
Cvelist
added 2025/12/30 10:47 a.m. | 25 views

CVE-2025-69025 WordPress Poptics plugin <= 1.0.20 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics poptics allows Retrieve Embedded Sensitive Data. This issue affects Poptics: from n/a through = 1.0.20...

4.3 CVSS | 0.00176 EPSS
Exploits 0 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-31208

Malicious code in bioql PyPI...

6.4 CVSS | 6.5 AI score | 0.00239 EPSS
Exploits 0 | References 7
Vulnrichment
added 2025/06/11 9:22 a.m. | 5 views

CVE-2025-4315 CubeWP – All-in-One Dynamic Content Framework <= 1.1.23 - Authenticated (Subscriber+) Privilege Escalation

The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.23. This is due to the plugin allowing a user to update arbitrary user meta through the updateusermeta function. This makes it possible for...

8.8 CVSS | 7 AI score | 0.00447 EPSS
Exploits 0 | References 3
RedhatCVE
added 2025/05/22 11:4 p.m. | 5 views

CVE-2022-34593

DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability...

7.5 CVSS | 7.5 AI score | 0.00648 EPSS
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 3:41 p.m. | 7 views

CVE-2020-6622

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8...

8.8 CVSS | 7 AI score | 0.01446 EPSS
Exploits 1 | References 1
CVE
added 2025/05/06 3:55 p.m. | 70 views

CVE-2025-22478

Dell Storage Center / Dell Storage Manager version 20.1.20 is affected by an XML External Entity (XXE) vulnerability caused by improper restriction of external entity references in XML processing. An unauthenticated attacker with adjacent network access could trigger information disclosure and da...

8.1 CVSS | 8 AI score | 0.00235 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2025/04/01 2:52 p.m. | 23 views

CVE-2025-31910 WordPress BookingPress plugin <= 1.1.28 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in reputeinfosystems BookingPress bookingpress-appointment-booking allows SQL Injection. This issue affects BookingPress: from n/a through = 1.1.28...

7.6 CVSS | 0.00351 EPSS
Exploits 0 | References 1
CVE
added 2025/04/01 2:52 p.m. | 64 views

CVE-2025-31910

Technical details for CVE-2025-31910 are not provided in the Connected documents. The Initial Description notes a SQL Injection in BookingPress

7.6 CVSS | 7.3 AI score | 0.00351 EPSS
Exploits 0 | References 1 | Affected Software 1
OpenVAS
added 2025/02/25 12:0 a.m. | 2 views

openSUSE Security Advisory (SUSE-SU-2024:1163-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7 CVSS | 8 AI score | 0.00598 EPSS
Exploits 0 | References 4
CNNVD
added 2025/02/07 12:0 a.m. | 3 views

WordPress plugin URL-Preview-Box Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

7.1 CVSS | 8.7 AI score | 0.00144 EPSS
Exploits 0 | References 1
SUSE Linux
added 2025/02/03 8:50 a.m. | 7 views

Security update for unbound

This update for unbound fixes the following issues: Update to 1.20.0: Features: The config for discard-timeout, wait-limit, wait-limit-cookie, wait-limit-netblock and wait-limit-cookie-netblock was added, for the fix to the DNSBomb issue. Merge GH1027: Introduce 'cache-min-negative-ttl' option...

7.5 CVSS | 7.3 AI score | 0.99995 EPSS
Exploits 2 | References 16
OSV
added 2023/05/09 4:15 p.m. | 2 views

UBUNTU-CVE-2023-30087

Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c...

5.5 CVSS | 5.7 AI score | 0.00255 EPSS
Exploits 1 | References 3
Positive Technologies
added 2023/04/04 12:0 a.m. | 6 views

PT-2023-8807

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.21 Description: The issue is related to the improper handling of backticks as JavaScript string delimiters in templates, which can lead to the injection of arbitrary JavaScript code into the Go template. This occurs whe...

10 CVSS | 9.7 AI score | 0.99999 EPSS
Exploits 35 | References 358
CNVD
added 2019/07/15 12:0 a.m. | 3 views

SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability

SAP BusinessObjects Business Intelligence platform is a suite of bookstore intelligence software and enterprise performance solutions from SAP Germany. The product features report generation, analytics and data visualization. A cross-site scripting vulnerability in the SAP BusinessObjects Busines...

5.4 CVSS | 6.7 AI score | 0.00968 EPSS
Exploits 0 | References 1
CNVD
added 2019/03/29 12:0 a.m. | 2 views

Portainer has an unspecified vulnerability

Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A security vulnerability exists in Portainer versions prior to 1.20.0. An attacker can exploit the vulnerability to retrieve stored LDAP certificates...

9.8 CVSS | 6.7 AI score | 0.03721 EPSS
Exploits 1 | References 1
CNVD
added 2018/01/08 12:0 a.m. | 1 views

Denial of Service Vulnerability in INVT Studio

INVT Studio is a serial and Ethernet based inverter monitoring system. A denial of service vulnerability exists in INVT Studio version 1.20 due to a failure to follow the specification for code behavior at the INVT Studio import function. An attacker can exploit this vulnerability to cause a deni...

5.5 CVSS | 7 AI score | 0.00382 EPSS
Exploits 0