Lucene search
K

259 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Kura Sushi Official App 信任管理问题漏洞

Kura Sushi Official App is a mobile reservation and membership service app for Kura Sushi restaurants across Japan. The app has vulnerabilities related to trust management, stemming from improper certificate verification. These vulnerabilities may allow for interception by intermediaries or the...

9.1CVSS7.1AI score0.0016EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/02/27 11:29 a.m.11 views

Inside a fake Google security check that becomes a browser RAT

A website styled to resemble a Google Account security page is distributing what may be one of the most fully featured browser-based surveillance toolkits we have observed in the wild. Disguised as a routine security checkup, it walks victims through a four-step flow that grants the attacker push...

6.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/05 1:22 p.m.6 views

CVE-2026-0816

The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'deleteid' parameter in all versions up to, and including, 1.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS5.8AI score0.00339EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/04 8:25 a.m.2 views

CVE-2026-0816 All push notification for WP <= 1.5.3 - Authenticated (Administrator+) SQL Injection via 'delete_id' Parameter

The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'deleteid' parameter in all versions up to, and including, 1.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS5.8AI score0.00339EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/04 8:25 a.m.3 views

CVE-2026-0816

The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'deleteid' parameter in all versions up to, and including, 1.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS5.8AI score0.00339EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/04 8:25 a.m.28 views

CVE-2026-0816 All push notification for WP <= 1.5.3 - Authenticated (Administrator+) SQL Injection via 'delete_id' Parameter

The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'deleteid' parameter in all versions up to, and including, 1.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS0.00339EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.4 views

PT-2026-6022

Name of the Vulnerable Software and Affected Versions All push notification for WP versions up to and including 1.5.3 Description The All push notification for WP plugin for WordPress is susceptible to time-based SQL Injection via the delete id parameter. This is due to inadequate escaping of...

4.9CVSS5.8AI score0.00339EPSS
Exploits0References5
CVE
CVE
added 2026/01/22 1:55 a.m.17 views

CVE-2026-23964

Mastodon vendor: Mastodon server (ActivityPub). Vulnerability CVE-2026-23964 is an insecure direct object reference in the web push subscription update endpoint affecting versions &lt; 4.5.5, &lt; 4.4.12, and

6.5CVSS5.6AI score0.00195EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.6 views

CVE-2025-23771

Missing Authorization vulnerability in Murali Push Notification for Post and BuddyPress push-notification-for-post-and-buddypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Push Notification for Post and BuddyPress: from n/a through = 2.11...

6.5CVSS7.2AI score0.00373EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Push Notification for Post and BuddyPress plugin <= 2.07 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Push Notification for Post and BuddyPress versions = 2.07...

6.1CVSS5.5AI score0.00342EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.4 views

CVE-2025-59209

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 6:30 p.m.6 views

EUVD-2025-34291

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally...

5.5CVSS8.8AI score0.00426EPSS
Exploits0References2
OSV
OSV
added 2025/10/14 5:16 p.m.4 views

CVE-2025-59211

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally...

5.5CVSS5.7AI score0.00554EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 5:16 p.m.3 views

CVE-2025-59209

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally...

5.5CVSS0.00426EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:1 p.m.27 views

CVE-2025-59209

CVE-2025-59209 is listed by NCSC as a vulnerability in Windows Push Notification Core that can lead to unauthorized disclosure of sensitive data locally. The advisory table assigns it a base impact of access to sensitive data (CVSS-like 5.5) with local attack vector. No specific patch/version rem...

5.5CVSS6.1AI score0.00426EPSS
Exploits0References1Affected Software15
Vulnrichment
Vulnrichment
added 2025/10/14 5:1 p.m.3 views

CVE-2025-59209 Windows Push Notification Information Disclosure Vulnerability

...

5.5CVSS6.6AI score0.00426EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 5:1 p.m.5 views

CVE-2025-59209 Windows Push Notification Information Disclosure Vulnerability

...

5.5CVSS0.00426EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 5:0 p.m.2 views

CVE-2025-59211 Windows Push Notification Information Disclosure Vulnerability

...

5.5CVSS9.1AI score0.00554EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 5:0 p.m.6 views

CVE-2025-59211 Windows Push Notification Information Disclosure Vulnerability

...

5.5CVSS0.00554EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:0 p.m.462 views

CVE-2025-59211

CVE-2025-59211 concerns exposure of sensitive information to an unauthorized actor in Windows Push Notification Core, enabling an attacker with local access to disclose information. The initial entry identifies a local attack vector with a medium base score (CVSS 3.1: AV=L, AC=L, PR=L, UI=N, S=U,...

5.5CVSS6.1AI score0.00554EPSS
Exploits0References1Affected Software15
Rows per page
Query Builder