Lucene search
K

574 matches found

CNNVD
CNNVD
added 2026/01/28 12:0 a.m.6 views

WordPress Plugin Forms Bridge – Infinite integrations Cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.00251EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/27 6:43 p.m.5 views

CVE-2026-24883

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

3.7CVSS5.9AI score0.00447EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/01/26 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2026:0256-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS5.9AI score0.00127EPSS
Exploits0References4
OSV
OSV
added 2026/01/22 4:8 p.m.3 views

SUSE-SU-2026:0256-1 Security update for openldap2_5

This update for openldap25 fixes the following issues: Security fixes: - CVE-2026-22185: Fixed possible crash in malicious DB bsc1256297 Other fixes: - Update to version 2.5.20+11: ITS10421 mdbload: check for malicious input...

4.6CVSS5.8AI score0.00127EPSS
Exploits0References3
Circl
Circl
added 2026/01/22 11:21 a.m.7 views

CVE-2024-53252

creationtimestamp| type| source ---|---|--- 2026-01-22 11:21:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcz2yblmdo2t...

5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/21 9:40 p.m.6 views

EUVD-2026-3773

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.0.0 through 2.54.0, users that have the staff status may freely change their permissions, including giving themselves superuser status and joining the admin group, which gives them full access to...

8.5CVSS5.6AI score0.00255EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/20 9:38 p.m.4 views

CVE-2025-58744 Hard-Coded Default Credentials Enable Document Archive Decryption in Milner ImageDirector Capture

Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from...

6.9CVSS5.3AI score0.0013EPSS
Exploits0References1
Circl
Circl
added 2026/01/20 8:4 a.m.6 views

CVE-2022-25732

creationtimestamp| type| source ---|---|--- 2026-01-20 08:04:56+00:00| seen| https://infosec.exchange/users/certvde/statuses/115926387351405846...

8.2CVSS5AI score0.00375EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : kernel-5.14.0-70.30.1.el9_0 (AXSA:2023-5105:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5105:05 advisory. posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set...

7.8CVSS6.8AI score0.01284EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2026/01/17 4:34 a.m.4 views

CVE-2025-12825 User Registration Using Contact Form 7 <= 2.5 - Authenticated (Subscriber+) Information Exposure

The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getcf7formdata' function in all versions up to, and including, 2.5. This makes it possible for unauthenticated attackers to retrieve form settings...

5.3CVSS5.5AI score0.00535EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/14 3:5 p.m.5 views

EUVD-2026-2515

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past...

6.1AI score0.00095EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/01/13 12:53 a.m.6 views

SUSE CVE-2025-15506

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

4.8CVSS6.5AI score0.00165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 8 : kernel-4.18.0-553.37.1.el8_10 (AXSA:2025-9659:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9659:11 advisory. kernel: scsi: core: Fix unremoved procfs host directory regression CVE-2024-26935 kernel: arm64/sve: Discard stale CPU state when handling SVE traps...

7CVSS6.9AI score0.00242EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/11 11:15 a.m.3 views

CVE-2025-15506

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

4.8CVSS5.5AI score0.00165EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.17 views

CVE-2022-23898

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

9.8CVSS8.2AI score0.07734EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.12 views

CVE-2025-23705

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Terry Zielke Zielke Design Project Gallery zielke-design-project-gallery allows Reflected XSS.This issue affects Zielke Design Project Gallery: from n/a through = 2.5.0...

7.1CVSS7.2AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.6 views

GESTSUP SQL注入漏洞

GESTSUP is a software application from the French company GESTSUP. It is 100% web-based SUPport MANAGEMENT software that manages tickets and devices. A SQL injection vulnerability exists in GESTSUP 3.2.56 and prior versions, which arises from user-controlled search input in the search bar feature...

8.1CVSS7.7AI score0.00294EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:44 a.m.8 views

CVE-2017-6363

In the GD Graphics Library aka LibGD through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gdtiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and...

8.1CVSS6.9AI score0.01267EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/01/06 12:25 a.m.6 views

SUSE CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

4.3CVSS7.2AI score0.00182EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/05 7:9 a.m.7 views

Security Bulletin: IBM Maximo Application Suite uses java 17.0.13,github.com/go-viper/mapstructure/v2 v2.2.1 and github.com/docker/docker v27.3.1 which is vulnerable to GHSA-2464-8j7c-4cjm,CVE-2025-21502 and CVE-2025-54410

Summary IBM Maximo Application Suite uses java 17.0.13,github.com/go-viper/mapstructure/v2 v2.2.1 and github.com/docker/docker v27.3.1 which is vulnerable to GHSA-2464-8j7c-4cjm,CVE-2025-21502 and CVE-2025-54410. This bulletin contains information regarding the vulnerability and its fixture...

5.2CVSS5.4AI score0.00971EPSS
Exploits0Affected Software1
Rows per page
Query Builder