Lucene search
K

1572 matches found

CNNVD
CNNVD
added 2026/01/28 12:0 a.m.8 views

WordPress Plugin: Bitcoin Donation Button – Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00124EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.7 views

WordPress plugin ZT Captcha has a cross-site request forgeing vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00191EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.8 views

WordPress plugin “Set Bulk Post Categories” has a cross-site request forgeing vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.3CVSS5.7AI score0.00155EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.9 views

WordPress plugin Simple Crypto Shortcodes has a cross-site request forgeing vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.00155EPSS
Exploits0References4
CNVD
CNVD
added 2026/01/19 12:0 a.m.4 views

WordPress Sosh Share Buttons plugin cross-site request forgery vulnerability

WordPress Sosh Share Buttons plugin is a social media sharing plugin for WordPress websites. WordPress Sosh Share Buttons plugin suffers from a cross-site request forgery vulnerability that stems from a lack of random number validation in the adminpagecontent function, no details of the...

4.3CVSS5.8AI score0.0014EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 3 : drupal-6.30-1.AXS3 (AXSA:2014-234:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-234:01 advisory. Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content ...

7.5CVSS6.7AI score0.03072EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.4 views

WordPress plugin Sosh Share Buttons 跨站请求伪造漏洞

WordPress Sosh Share Buttons plugin is a social media sharing plugin for WordPress websites. WordPress Sosh Share Buttons plugin suffers from a cross-site request forgery vulnerability that stems from a lack of random number validation in the adminpagecontent function, no details of the...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.8 views

WordPress plugin WPBlogSyn 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.4AI score0.00102EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.4 views

WordPress plugin Stopwords for comments 跨站请求伪造漏洞

The WordPress Stopwords for comments plugin is a pre-screening tool designed to help webmasters filter out user comments that contain certain banned words i.e. "stopwords". comments. The WordPress Stopwords for comments plugin suffers from a cross-site request forgery vulnerability that stems fro...

4.3CVSS5.7AI score0.00102EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.7 views

WordPress plugin SocialChamp with WordPress 跨站请求伪造漏洞

WordPress SocialChamp with WordPress plugin is a plugin called SocialChamp which focuses on social media automation management. WordPress SocialChamp with WordPress plugin suffers from a cross-site request forgery vulnerability that stems from a lack of random number validation in the...

4.3CVSS5.7AI score0.00124EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/01/13 2:55 p.m.11 views

Jervis Has Weak Random for Timing Attack Mitigation

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL593-L594 Uses java.util.Random which is not cryptographically secure. Impact If an attacker can predict the random delays, they may still be...

8.2CVSS6.9AI score0.00231EPSS
Exploits0References6Affected Software1
Packet Storm News
Packet Storm News
added 2026/01/13 12:0 a.m.5 views

On-Chip Semi-Device-Independent Quantum Random Number Generator Exploiting Contextuality

We present a semi-device-independent quantum random number generator QRNG based on the violation of a contextuality inequality, implemented by the integration of two silicon photonic chips. Our system combines a heralded single-photon source with a reconfigurable interferometric mesh to implement...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 9 : bind-9.16.23-31.el9_6.2 (AXSA:2025-11077:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11077:11 advisory. Prevent cache poisoning due to weak PRNG CVE-2025-40780 Address various spoofing attacks CVE-2025-40778 CVE-2025-40778 Under certain circumstances,...

8.6CVSS6.5AI score0.00509EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:58 a.m.8 views

CVE-2025-40916

Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand function for generating the captcha text as well as image noise, which is insecure...

9.1CVSS9.3AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:58 a.m.5 views

CVE-2025-40915

Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand function...

7CVSS6.9AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.6 views

CVE-2019-11808

Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs...

4.3CVSS6.8AI score0.01315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.9 views

CVE-2019-11842

An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...

7.5CVSS6.9AI score0.0178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

WordPress plugin Clearfy Cache 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.4AI score0.00124EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.4 views

WordPress plugin Booking Calendar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.2AI score0.00337EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.6 views

CVE-2019-7860

A cryptographically weak pseudo-rando number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

7.5CVSS6.8AI score0.01186EPSS
Exploits0References1
Rows per page
Query Builder