Lucene search
K

332 matches found

EUVD
EUVD
added 2025/12/24 12:30 p.m.4 views

EUVD-2025-205162

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rxdesc and txdesc Currently when ath12kdpccdescinit is called we allocate memory to rxdescs and txdescs. In ath12kdpcccleanup, during descriptor cleanup rxdescs and txdescs memory is not freed. Th...

6AI score0.00156EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/22 12:0 a.m.3 views

EUVD-2025-204734

Schlix CMS before v2.2.9-5 is vulnerable to Cross Site Scripting XSS. Due to lack of javascript sanitization in the login form, incorrect login attempts in logs are triggered as XSS in the admin panel...

6.1CVSS5.4AI score0.00158EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/18 9:31 p.m.6 views

EUVD-2025-204329

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the administrative context...

5.1CVSS6AI score0.00165EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/18 9:31 p.m.5 views

EUVD-2025-204376

A flaw has been found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userleads.php of the component Leads Generation Module. Executing manipulation can lead to unrestricted upload. The attack can be launched remotely. The exploit has been...

6.5CVSS6.2AI score0.00299EPSS
Exploits1References7
EUVD
EUVD
added 2025/12/05 12:31 a.m.6 views

EUVD-2025-201314

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The...

6.5CVSS6.3AI score0.00415EPSS
Exploits1References8
Packet Storm
Packet Storm
added 2025/12/04 12:0 a.m.161 views

📄 Microsoft Windows 11 Build 10.0.27898.1000 AiRegistrySync Bypass / Privilege Escalation

Microsoft Windows 11 build 10.0.27898.1000 Metasploit module designed to achieve local privilege escalation on Windows 10/11 by targeting a vulnerability misconfiguration in the AiRegistrySync service...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/12/03 6:30 p.m.5 views

EUVD-2025-200994

A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerability could potentially allow a local attacker to escalate privileges via a race condition when installing packages...

5.4CVSS6.3AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/12 7:18 p.m.7 views

EUVD-2025-141092

Malicious code in kapvino-soafsi-vaidas npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 12:0 a.m.5 views

EUVD-2025-131963

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

6.3AI score0.00248EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-32214

Malicious code in bioql PyPI...

6.6AI score
Exploits0References1
OSV
OSV
added 2025/08/25 6:2 a.m.4 views

BELL-CVE-2025-38651

Bulletin has no description...

5.5CVSS6AI score0.00143EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/20 12:0 a.m.13 views

WordPress Sala Theme <= 1.1.6 is vulnerable to Local File Inclusion

Software Sala Type Theme Vulnerable versions = 1.1.6 Fixed in 1.1.7 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-54709 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 734caf3a58cf Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

7.2AI score0.00413EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-41054 Malicious code in zoo-frontend-dependencies (npm)

The package zoo-frontend-dependencies was found to contain malicious code...

7.2AI score
Exploits0
CVE
CVE
added 2025/07/15 7:27 p.m.54 views

CVE-2025-50097

CVE-2025-50097 ties to MySQL Server (Encryption component). Affected: 8.0.0-8.0.42, 8.4.0-8.4.5, 9.0.0-9.3.0. Attack requires network access by high-privileged actor and can cause a hang or complete DOS of MySQL Server. IBM/Guardium advisory notes this CVE as addressed in an update for affected p...

4.9CVSS5.9AI score0.00468EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/07/15 7:27 p.m.37 views

CVE-2025-50070

CVE-2025-50070 affects Oracle Database Server JDBC: vulnerable in JDBC component for Oracle Database Server versions 23.4–23.8. Root cause as described is a vulnerability in JDBC that can enable a low-privileged, authenticated OS user with logon to the infrastructure where JDBC runs to access JDB...

5.3CVSS6AI score0.00118EPSS
Exploits0References1Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2025/07/14 8:49 p.m.12 views

Metasploit Wrap-Up 07/11/2025

Active Directory LDAP Library This week Metasploit added a library for working with Active Directory Domain Controllers over LDAP. The library consolidates common functionality and implements a caching mechanism to support common operations such as looking up objects by their DN, sAMAccountName, ...

10CVSS9.1AI score0.95343EPSS
Exploits37
Circl
Circl
added 2025/04/09 3:47 p.m.7 views

CVE-2025-32374

creationtimestamp| type| source ---|---|--- 2025-04-09 15:47:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11086...

7.5CVSS4.8AI score0.00378EPSS
Exploits0References1
Circl
Circl
added 2025/03/31 7:31 p.m.8 views

GHSA-358P-X39M-99MM

creationtimestamp| type| source ---|---|--- 2025-03-31 19:31:24+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9757...

4.8AI score
Exploits0References1
Chainguard
Chainguard
added 2025/03/17 4:12 a.m.13 views

GHSA-7G95-JMG9-H524 vulnerabilities

Vulnerabilities for packages: jenkins...

7.5AI score
Exploits0
Circl
Circl
added 2025/02/25 6:22 p.m.5 views

GHSA-86CX-HCFC-8MM8

creationtimestamp| type| source ---|---|--- 2025-02-25 18:22:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5341...

4.8AI score
Exploits0References1
Rows per page
Query Builder