Lucene search
K

15095 matches found

Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.16 views

PT-2026-39489

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts v...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.12 views

PT-2026-39488

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts...

6.1CVSS5.7AI score0.00247EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.16 views

PT-2026-39493

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.9 views

PT-2026-39478

WordPress Plugin Videos sync PDF 1.7.4 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting unsanitized nom, pdf, mp4, webm, and ogg parameters. Attackers can inject payloads like autofocus onfocus event handlers throug...

6.4CVSS5.9AI score0.00191EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. CVE-2026-45184 Note that Nessus relies on the presen...

6.5CVSS5.5AI score0.00149EPSS
Exploits0References3
NVD
NVD
added 2026/05/09 11:16 p.m.16 views

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/05/09 11:16 p.m.6 views

DEBIAN-CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/09 11:16 p.m.8 views

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References6
OSV
OSV
added 2026/05/09 11:16 p.m.4 views

UBUNTU-CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/09 10:25 p.m.34 views

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS0.00149EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/09 10:25 p.m.8 views

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/09 10:25 p.m.6 views

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/09 10:25 p.m.6 views

CVE-2026-45184

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0
CVE
CVE
added 2026/05/09 10:25 p.m.28 views

CVE-2026-45184

Kdenlive has a vulnerability in versions prior to 26.04.1 where dangerous proxy parameters can be introduced via an attacker-controlled project file. The issue affects handling of proxies within the project file, with potential impacts to confidentiality and integrity (per CVSS: LOCAL, HIGH impac...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:43 a.m.11 views

SUSE CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

5.3CVSS5.8AI score0.0039EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2026/05/09 2:42 a.m.6 views

SUSE CVE-2026-43135

In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Add missing unmap in sndcx23885hwparams In error path, add cx23885alsadmaunmap to release the resource acquired by cx23885alsadmamap...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/09 2:21 a.m.11 views

CVE-2025-63704

NPM package query-parser-string 1.0.0 is vulnerable to Prototype Pollution. The package does not properly sanitize user supplied query parameters and merges them to the newly created object...

9.8CVSS5.8AI score0.00476EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.10 views

Wavlink NU516U1 命令注入漏洞

Wavlink NU516U1 is a wireless print server developed by Wavlink Corporation. The Wavlink NU516U1 M16U1V240425 version has a command injection vulnerability. This vulnerability stems from the direct passing of parameters pppusername/ppppasswd/rwanip/rwanmask/rwangateway through the wan function in...

8.8CVSS6.6AI score0.05344EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.10 views

Kdenlive 安全漏洞

Kdenlive is a video editing software from the Kdenlive organization that supports multi-track editing with rich effects processing. A security vulnerability exists in Kdenlive versions prior to 26.04.1 that stems from allowing dangerous proxy parameters when using an attacker-controlled project...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.10 views

PT-2026-39422

Name of the Vulnerable Software and Affected Versions Kdenlive versions prior to 26.04.1 Description An issue exists where the software allows the injection of dangerous proxy parameters when a project file controlled by an attacker is used. Recommendations Update to version 26.04.1...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References7
Rows per page
Query Builder