Lucene search
K

7 matches found

OSV
OSV
added 2026/03/08 2:16 a.m.6 views

CVE-2026-30910

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer...

7.5CVSS6AI score0.00287EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/18 6:0 a.m.4 views

CVE-2026-1368

The Video Conferencing with Zoom WordPress plugin before 4.6.6 contains an AJAX handler that has its nonce verification commented out, allowing unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and retrieve the site's Zoom SDK key...

5.5AI score0.01211EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.3 views

WordPress plugin Extra Product Options Builder for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS6AI score0.00368EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/02 12:0 a.m.52 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6563-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6563-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...

8.8CVSS7.7AI score0.20472EPSS
Exploits0References12
Prion
Prion
added 2023/12/19 2:15 p.m.23 views

Design/Logic Flaw

The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be...

4.3CVSS6.5AI score0.00633EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2023/07/14 1:15 p.m.15 views

CVE-2023-3433

The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make it so the application cannot create the signature for the user and results in a local denial of...

5.5CVSS0.00202EPSS
Exploits0References3
CNVD
CNVD
added 2016/08/04 12:0 a.m.3 views

F5 WebSafe Dashboard Cross-Site Scripting Vulnerability

F5 WebSafe is a suite of web fraud protection solutions from F5 USA. The solution provides malware and fraud detection, client-side mobile threat protection, etc. F5 WebSafe Dashboard is one of the configuration management tools. A cross-site scripting vulnerability exists in F5 WebSafe Dashboard...

5.4CVSS5.9AI score0.00636EPSS
Exploits0References1
Rows per page
Query Builder