Lucene search
K

65 matches found

RedHat Linux
RedHat Linux
added 2025/10/20 2:25 a.m.6 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.8AI score0.00465EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/10/20 12:0 a.m.2 views

RHEL 10 : thunderbird (RHSA-2025:18320)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:18320 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/10/20 12:0 a.m.2 views

RHEL 9 : thunderbird (RHSA-2025:18321)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:18321 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/10/18 12:0 a.m.3 views

RockyLinux 10 : firefox (RLSA-2025:18154)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:18154 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2025/10/15 4:41 p.m.6 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.8AI score0.00465EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/08 12:43 p.m.4 views

EUVD-2025-31822

FuelVM is vulnerable to heap memory allocation re-use bug...

6.5AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:22 a.m.6 views

CVE-2024-1988

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute in blocks in all versions up to, and including, 2.2.80 due to insufficient input sanitization and output...

6.4CVSS4.9AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.5 views

WordPress plugin The Events Calendar 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.7AI score0.00279EPSS
Exploits0References4
OSV
OSV
added 2024/09/06 2:15 p.m.6 views

CVE-2024-7611

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute of the Events Card widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied...

5.4CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2024/07/02 8:15 a.m.6 views

CVE-2024-5504

The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute within the plugin's Writing Effect Headline widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user...

5.4CVSS6AI score0.00349EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.5 views

WordPress plugin Rife Elementor Extensions & Templates Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.1AI score0.00349EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.5 views

PT-2024-36463 · WordPress · Rife Elementor Extensions & Templates

Name of the Vulnerable Software and Affected Versions: Rife Elementor Extensions & Templates plugin for WordPress versions up to, and including, 1.2.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the tag attribute...

6.4CVSS7.2AI score0.00349EPSS
Exploits0References7
OSV
OSV
added 2024/06/07 4:15 a.m.5 views

CVE-2024-1988

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute in blocks in all versions up to, and including, 2.2.80 due to insufficient input sanitization and output...

5.4CVSS5.9AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/07 12:0 a.m.5 views

WordPress plugin Combo Blocks security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS6.1AI score0.00263EPSS
Exploits0References3
OSV
OSV
added 2024/05/02 5:15 p.m.4 views

CVE-2024-3725

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Grid widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping on user supplied...

5.4CVSS5.9AI score0.00423EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.6 views

PT-2024-15183 · WordPress · Collapse-O-Matic

Name of the Vulnerable Software and Affected Versions: Collapse-O-Matic plugin for WordPress versions up to, and including, 1.8.5.5 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'expand' shortcode due to insufficient input sanitization and output escaping on th...

6.4CVSS5.9AI score0.00333EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/04/30 12:0 a.m.6 views

The vulnerability of the Jeg Elementor Kit plugin for WordPress content management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Jeg Elementor Kit plugin for the WordPress content management system is related to the lack of protection for website structure during the processing of the htmltag attribute. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.4CVSS7.5AI score0.00505EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/30 12:0 a.m.8 views

PT-2024-20660 · WordPress · Powerpack Addons For Elementor

Name of the Vulnerable Software and Affected Versions: PowerPack Addons for Elementor plugin for WordPress versions up to, and including, 2.7.17 Description: The issue is related to Stored Cross-Site Scripting via the html tag attribute of multiple widgets due to insufficient input sanitization a...

6.4CVSS7.9AI score0.0034EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.7 views

PT-2024-18008 · WordPress · Ht Mega – Absolute Addons For Elementor

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons For Elementor plugin for WordPress versions up to, and including, 2.4.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's blocks due to insufficient input sanitization and output...

6.4CVSS8AI score0.00478EPSS
Exploits0References13
OSV
OSV
added 2024/02/05 10:16 p.m.6 views

CVE-2024-0382

The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 9.1.0 due to unrestricted use of the 'headertag' attribute. This makes it possible for authenticated attackers with contributor-level and above...

5.4CVSS7.4AI score0.00561EPSS
Exploits0References2
Rows per page
Query Builder