Lucene search
K

2840 matches found

Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.4 views

CVE-2025-48094 WordPress Magic Slider plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Magic Slider magicslider allows Reflected XSS.This issue affects Magic Slider: from n/a through = 2.2...

7.1CVSS5.9AI score0.00237EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/21 6:28 p.m.4 views

EUVD-2025-206323

EVerest is an EV charging software stack. Prior to version 2025.12.0, ismessagecrccorrect in the DZGGSH01 powermeter SLIP parser reads vecvec.size-1 and vecvec.size-2 without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach ismessagecrccorrect with...

2.4CVSS5.6AI score0.00243EPSS
Exploits1References2
CVE
CVE
added 2026/01/20 2:49 p.m.11 views

CVE-2025-57786

CVE-2025-57786 is a post-authenticated, reflected XSS in MedDream PACS Premium 7.3.6.870, specifically in the Pacs/notifynewstudy.php script where the value of the user parameter is written into HTML output without sanitization. Talos details confirm the vulnerability can trigger arbitrary JavaSc...

6.1CVSS5.6AI score0.00235EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003130)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003130 advisory. Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying...

6.3CVSS6.3AI score0.01912EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.8 views

PT-2026-4682

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Security Management System versions up to 3.0.12 Description A flaw exists in Sangfor Operation and Maintenance Security Management System. The issue is due to command injection within the HTTP POST Request...

9.8CVSS7.4AI score0.03946EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.7 views

CVE-2023-50671

In exiftags 1.01, nikonprop1 in nikon.c has a heap-based buffer overflow write of size 28 because snprintf can write to an unexpected address...

7.8CVSS7.2AI score0.00361EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.17 views

CVE-2023-49954

The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address...

9.8CVSS8.2AI score0.02239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.8 views

CVE-2023-49473

Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0 and software version V2.0.0 build 6245 is vulnerable to Incorrect Access Control...

9.8CVSS7.1AI score0.00523EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.6 views

CVE-2018-18802

The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/modusers/controller.php?action=edit...

8.8CVSS7AI score0.00877EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.15 views

CVE-2021-33725

A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. The affected system allows to delete arbitrary files or directories under a user controlled path and does not correctly check if the relative path is still within the intended target directory...

9.1CVSS6.8AI score0.00999EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.8 views

CVE-2021-22988

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed page...

9CVSS6.9AI score0.10444EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.15 views

CVE-2021-22982

On BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development EoSD are not evaluated...

7.2CVSS7.2AI score0.00991EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:10 a.m.6 views

CVE-2016-10864

NETGEAR EX7000 V1.0.0.421.0.94 devices allow XSS via the SSID...

5.2CVSS6AI score0.00635EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.9 views

CVE-2019-11546

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has a Race Condition which could allow users to approve a merge request multiple times and potentially reach the approval count required to merge...

5.3CVSS6.4AI score0.00644EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.7 views

CVE-2019-11000

An issue was discovered in GitLab Enterprise Edition before 11.7.11, 11.8.x before 11.8.7, and 11.9.x before 11.9.7. It allows Information Disclosure...

6.5CVSS6.5AI score0.01821EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.10 views

CVE-2019-11943

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

9CVSS7.8AI score0.0364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.10 views

CVE-2019-11969

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

9CVSS7.9AI score0.0364EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.5 views

CVE-2019-20777

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 July 2019...

9.8CVSS7.2AI score0.00443EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.19 views

CVE-2019-20025

Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with manufacturer privileg...

10CVSS7.1AI score0.02925EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:7 a.m.8 views

CVE-2019-20538

An issue was discovered on Samsung mobile devices with P9.0 software. There is a heap overflow in the knoxkap driver. The Samsung ID is SVE-2019-14857 November 2019...

7.8CVSS7.4AI score0.00136EPSS
Exploits0References1
Rows per page
Query Builder