Lucene search
K

383 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.7 views

SUSE SLES15: libnss_slurm2 / libpmi0 / libslurm36 / perl-slurm / slurm / etc (SUSE-SU-2025:02779-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02779-1 advisory. - CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to...

4.2CVSS5.8AI score0.00218EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/25 12:16 a.m.4 views

EUVD-2025-199495

Malicious code in @kvytech/medusa-plugin-promotion npm...

6.6AI score
Exploits0References4
Cvelist
Cvelist
added 2025/11/18 8:27 a.m.6 views

CVE-2025-11620 Multiple Roles per User <= 1.0 - Missing Authorization to Authenticated (Custom+) Privilege Escalation

The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpuaddmultiplerolesui' and 'mrpusavemultipleuserroles' functions in all versions up to, and including, 1.0. This makes it possible for authenticated...

7.2CVSS0.00315EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/18 8:27 a.m.4 views

EUVD-2025-197949

The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpuaddmultiplerolesui' and 'mrpusavemultipleuserroles' functions in all versions up to, and including, 1.0. This makes it possible for authenticated...

7.2CVSS4.7AI score0.00315EPSS
Exploits0References4
Wordfence Blog
Wordfence Blog
added 2025/11/13 3:35 p.m.20 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 3, 2025 to November 9, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! The LFInder Challenge:Refine your LFI hunting skills with an expanded scope. Now through November 24, 2025, all LFI vulnerabilities in software with at least 25 active installs are considered in-scope for all researchers, regardless of...

9.8CVSS9.6AI score0.75759EPSS
Exploits9
OSV
OSV
added 2025/11/12 8:46 p.m.1 views

MAL-2025-180757 Malicious code in teate-thy-sonic-nowef (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6b8c079c9905441bf93f58dccc9a644e0414bbf14ba6101370bffecf50b95a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 11:15 a.m.7 views

UBUNTU-CVE-2025-40159

In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdpdesc validation Turned out certain clearly invalid values passed in xdpdesc from userspace can pass xp,unalignedvalidatedesc and then lead to UBs or just invalid frames to be queued for xmit...

5.8AI score0.00164EPSS
Exploits0References20
CVE
CVE
added 2025/11/12 10:24 a.m.18 views

CVE-2025-40159

The CVE-2025-40159 entry concerns the Linux kernel XDP/AF_XDP path (xsk) where unsafely constructed xdp_desc values from userspace could bypass validation in xp_{,un}aligned_validate_desc() and cause overflows to queue invalid frames. Root cause details from the description: desc-&gt;len near U32...

6.3AI score0.00164EPSS
Exploits0References3
OSV
OSV
added 2025/11/11 10:56 p.m.2 views

MAL-2025-137315 Malicious code in tiara-ruwet6-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 526802fa15e31bbb9b3f643c9b6f31a9a8d738ee0a0cda8989cb790df485e5e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 4:25 a.m.2 views

MAL-2025-90733 Malicious code in sporting_caterpillar_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7589ca112338abf6bcad91da1db2dc3a319643686568bebf7a6ae71f82091cfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 4:5 a.m.2 views

Malicious code in budi-keripik37-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 869eba999d57242086375394d84a012d11b7e7017cbe59020b81ad78f2073bb4 The package budi-keripik37-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/14 12:0 a.m.22 views

PromoGuardian: Detecting Promotion Abuse Fraud with Multi-Relation Fused Graph Neural Networks

As e-commerce platforms develop, fraudulent activities are increasingly emerging, posing significant threats to the security and stability of these platforms. Promotion abuse is one of the fastest-growing types of fraud in recent years and is characterized by users exploiting promotional activiti...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/10/13 4:36 p.m.3 views

Rewiring Democracy is Coming Soon

My latest book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship , will be published in just over a week. No reviews yet, but you can read chapters 12 and 34 of 43 chapters total. You can order the book pretty much everywhere, and a copy signed by me here. Pleas...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/08 12:0 a.m.7 views

Are LLMs Reliable Rankers? Rank Manipulation Via Two-Stage Token Optimization

Large language models LLMs are increasingly used as rerankers in information retrieval, yet their ranking behavior can be steered by small, natural-sounding prompts. To expose this vulnerability, we present Rank Anything First RAF, a two-stage token optimization method that crafts concise textual...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-29948

Malware in sbrugna...

6.2CVSS6.4AI score0.00224EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6868

Malware in sbrugna...

3.5CVSS5.9AI score0.0083EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-6609

Malware in sbrugna...

6.5CVSS6.3AI score0.0195EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-8505

Malware in sbrugna...

10CVSS6.4AI score0.05481EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10345

Malware in sbrugna...

7.5CVSS7.5AI score0.00933EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3446

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00642EPSS
Exploits0References2
Rows per page
Query Builder