397 matches found

RedhatCVE
added 2025/10/10 4:26 a.m. | 3 views

CVE-2025-6038

The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating...

CVSS 8.8 | AI score 6.4 | EPSS 0.00293
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2007-2469

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.02347
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2015-6038

Malware in sbrugna...

CVSS 4.9 | AI score 6.2 | EPSS 0.04001
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2013-3206

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.00643
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-7242

Malware in sbrugna...

CVSS 4 | AI score 6.4 | EPSS 0.00883
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2020-30095

Malware in sbrugna...

CVSS 6.5 | AI score 6.5 | EPSS 0.0052
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2025-10872

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 9.2 | EPSS 0.0106
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-31655

Malicious code in bioql PyPI...

CVSS 6.7 | AI score 6.5 | EPSS 0.00307
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 28 views

EUVD-2025-27262

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 6.4 | EPSS 0.00275
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-25601

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.002
Exploits: 0 | References: 1

CNNVD
added 2025/09/30 12:0 a.m. | 3 views

Polska Akademia Dostępności CMS security vulnerability

Polska Akademia Dostępności CMS is an accessible web content management system from Polska Akademia Dostępności, Poland. A security vulnerability exists in Polska Akademia Dostępności CMS that stems from improper initialization of password recovery parameters, which could lead to arbitrary user...

CVSS 10 | AI score 6.6 | EPSS 0.00583
Exploits: 0 | References: 1

CNNVD
added 2025/09/22 12:0 a.m. | 3 views

CubeCart security vulnerability

CubeCart is an e-commerce software from CubeCart Open Source. A security vulnerability exists in CubeCart versions prior to 6.5.11, which stems from a password change that does not automatically expire the session, which could cause an unauthorized user to maintain access...

CVSS 7.1 | AI score 6.7 | EPSS 0.0019
Exploits: 1 | References: 3

RedhatCVE
added 2025/09/10 9:17 p.m. | 8 views

CVE-2025-57766

Fides is an open-source privacy engineering platform. Prior to version 2.69.1, admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS ca...

CVSS 6.3 | AI score 6.8 | EPSS 0.00275
Exploits: 1 | References: 1

Tenable Nessus
added 2025/09/10 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2016-7038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed. CVE-2016-7038 Note that Nessus relies o...

CVSS 7.3 | AI score 7.2 | EPSS 0.00972
Exploits: 0 | References: 2

CVE
added 2025/09/08 6:23 p.m. | 31 views

CVE-2025-9114

CVE-2025-9114 affects the Doccure WordPress theme. Versions up to and including 1.4.8 are vulnerable due to user-controlled access to objects that bypasses authorization, enabling unauthenticated attackers to change user passwords and potentially take over administrator accounts. The issue has a ...

CVSS 9.8 | AI score 5.9 | EPSS 0.0037
Exploits: 0 | References: 2

CNNVD
added 2025/09/08 12:0 a.m. | 2 views

WordPress plugin Doccure security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 9.8 | AI score 6.7 | EPSS 0.0037
Exploits: 0 | References: 3

NVD
added 2025/08/26 5:15 a.m. | 4 views

CVE-2025-5931

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.5. This is due to the plugin not properly validating a user's identity prior to updating their password during a staff password reset. This makes it possible for...

CVSS 8.8 | EPSS 0.00414
Exploits: 0 | References: 2

Cvelist
added 2025/08/26 5:7 a.m. | 7 views

CVE-2025-5931 Dokan Pro <= 4.0.5 - Authenticated (Vendor+) Privilege Escalation

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.5. This is due to the plugin not properly validating a user's identity prior to updating their password during a staff password reset. This makes it possible for...

CVSS 8.8 | EPSS 0.00414
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-3467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian-edu-config all versions 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config 0.26, configured too permissive ACLs for the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00503
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/25 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2016-10206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that...

CVSS 8.8 | AI score 8.1 | EPSS 0.0069
Exploits: 1 | References: 2