Lucene search
K

214 matches found

EUVD
EUVD
added 2026/01/22 4:52 p.m.4 views

EUVD-2026-3872

Server-Side Request Forgery SSRF vulnerability in SmartDataSoft Electrician - Electrical Service WordPress electrician allows Server Side Request Forgery.This issue affects Electrician - Electrical Service WordPress: from n/a through = 5.6...

5.4AI score0.00171EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:52 p.m.4 views

EUVD-2026-3977

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

5.5AI score0.00397EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:51 p.m.5 views

EUVD-2026-4098

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through = 1.0.3...

5.4AI score0.00483EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:51 p.m.5 views

EUVD-2026-4106

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SEOSEON EUROPE S.L Affiliate Link Tracker affiliate-link-tracker allows Stored XSS.This issue affects Affiliate Link Tracker: from n/a through = 0.2...

5.4AI score0.00252EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 1:34 p.m.5 views

EUVD-2026-4151

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data...

7.5CVSS5.5AI score0.00846EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/22 11:57 a.m.5 views

EUVD-2026-4165

Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded PHP code,...

9.4CVSS6.2AI score0.00731EPSS
Exploits0References3
CVE
CVE
added 2026/01/20 9:56 p.m.18 views

CVE-2026-21966

Consolidated details for CVE-2026-21966 show an easily exploitable vulnerability in Oracle Hospitality OPERA 5 Property Services (component: Opera) affecting versions 5.6.19.23–5.6.27.4. The issue allows an unauthenticated attacker with network access via HTTP to compromise the service, with huma...

6.1CVSS5.5AI score0.00174EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/20 9:56 p.m.16 views

CVE-2026-21956

...

8.2CVSS0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/20 2:50 p.m.4 views

EUVD-2026-3398

A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00286EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/20 2:49 p.m.7 views

EUVD-2026-3415

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

6.1CVSS5.6AI score0.00229EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/20 2:26 p.m.7 views

EUVD-2026-3423

The Creator LMS – The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the getitemspermissionscheck function in all versions up to, and including, 1.1.12. This...

8.8CVSS5.7AI score0.00271EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/19 10:32 a.m.4 views

EUVD-2026-3227

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

6.5CVSS5.4AI score0.0235EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/18 12:31 a.m.6 views

EUVD-2026-3192

EUVD-2026-3192...

7.5CVSS6.4AI score0.0044EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/16 12:30 a.m.5 views

EUVD-2026-3020

EUVD-2026-3020...

8.8CVSS6.4AI score0.00531EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/15 1:15 p.m.5 views

EUVD-2026-2793

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

4.3CVSS6.4AI score0.00371EPSS
Exploits0References7
EUVD
EUVD
added 2026/01/15 6:31 a.m.2 views

EUVD-2026-2837

Not used...

6.4AI score
Exploits0References1
EUVD
EUVD
added 2026/01/14 3:7 p.m.4 views

EUVD-2026-2472

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

6AI score0.00102EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/14 3:5 p.m.4 views

EUVD-2026-2507

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

6AI score0.00123EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/14 3:5 p.m.8 views

EUVD-2026-2509

In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystemsfreezecallback The freezeallptr check in filesystemsfreezecallback introduced by commit a3f8f8662771 "power: always freeze efivarfs" is reverse which quite confusingly causes all file syste...

5.9AI score0.00107EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/14 5:28 a.m.5 views

EUVD-2026-2556

The PDF Resume Parser plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0. This is due to the plugin registering an AJAX action handler that is accessible to unauthenticated users and exposes SMTP configuration data including credentials...

5.3CVSS5.6AI score0.00323EPSS
Exploits0References4
Rows per page
Query Builder