Lucene search
K

2988 matches found

Nuclei
Nuclei
added 18 hours ago12 views

WordPress Simple Job Board - Unauthorized Data Access

The Simple Job Board plugin for WordPress is vulnerable to unauthorized data access due to insufficient authorization checking in the fetchquickjob function in all versions up to and including 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be...

5.3CVSS6.7AI score0.00909EPSS
Exploits0References3
Nuclei
Nuclei
added 18 hours ago47 views

Quick Event Manager < 9.7.5 - Cross-Site Scripting

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action. id: CVE-2023-23491 info: name: Quick Event Manager 9.7.5 - Cross-Site Scripting author: ritikchaddha severity: medium...

6.1CVSS6.4AI score0.01179EPSS
Exploits2References4
EUVD
EUVD
added 2026/07/08 8:24 p.m.11 views

EUVD-2026-36117

Sharp Missing Authorization Check in Quick Creation Command Endpoints...

4.3CVSS5.9AI score0.00213EPSS
Exploits0References5
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.10 views

GHSA-GVRM-XH5G-W8V6 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-azure, linux-qemu, linux-qemu-melange, linux-gcp, linux-aws...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.8 views

GHSA-CM56-MVX6-66QM vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-azure, linux-qemu, linux-qemu-melange, linux-gcp, linux-aws...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.8 views

GHSA-QHPR-79XW-32M8 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-azure, linux-qemu, linux-qemu-melange, linux-gcp, linux-aws...

6.1AI score
Exploits0
Fedora
Fedora
added 2026/07/06 3:10 p.m.18 views

[SECURITY] Fedora 43 Update: rust-quick-xml-0.41.0-1.fc43

High performance xml reader and writer...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/07/06 2:55 p.m.19 views

[SECURITY] Fedora 44 Update: rust-quick-xml-0.41.0-1.fc44

High performance xml reader and writer...

5.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/02 3:43 p.m.3 views

curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability

A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service DoS against a curl or libcurl client, as the helper function discards zero-length UDP...

7.5CVSS6.1AI score0.0101EPSS
Exploits1References7
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56039

Unauthenticated Cross Site Scripting XSS in Quick Interest Slider = 3.1.6 versions...

7.1CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39701

Unauthenticated Cross Site Scripting XSS in Quick Interest Slider = 3.1.6 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.33 views

CVE-2026-56039 WordPress Quick Interest Slider plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Quick Interest Slider = 3.1.6 versions...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.12 views

CVE-2026-56039

The provided connected sources confirm a vulnerability in the WordPress Quick Interest Slider plugin, version

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39378

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fixed a NULL dereference when deactivating an inactive aggregate in qfqreset. qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. Th...

5.5CVSS5.9AI score0.00118EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/24 2:37 p.m.6 views

WordPress Quick Interest Slider plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by hivesec in WordPress Plugin Quick Interest Slider versions = 3.1.6...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/19 4:23 p.m.34 views

EUVD-2026-38043

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

7.8CVSS7AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 9:57 a.m.32 views

CVE-2026-11860

CVE-2026-11860 affects Quick.CMS. The issue is insecure deserialization of user-controlled data over plaintext HTTP, allowing an attacker to tamper serialized payloads and trigger gadget chains that enable arbitrary code execution when an administrator accesses the admin panel. The root cause is ...

7.5CVSS6.3AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:57 a.m.14 views

EUVD-2026-36703

Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation or class...

7.5CVSS6.2AI score0.00235EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 9:57 a.m.11 views

CVE-2026-11860 Insecure Deserialisation via Plaintext HTTP leading to Remote Code Execution in Quick.CMS

Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation or class...

7.5CVSS6.2AI score0.00235EPSS
Exploits0References2
Rows per page
Query Builder