
16 matches found

ATTACKERKB
added 2026/05/03 10:0 p.m. · 8 views

CVE-2026-7705

A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function setiptvinfo of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has...

6.5 CVSS · 6.3 AI score · 0.01158 EPSS
Exploits 0 · References 4 · Affected Software 1
RedhatCVE
added 2026/01/09 10:42 a.m. · 11 views

CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8 CVSS · 7 AI score · 0.01371 EPSS
Exploits 0 · References 1
Debian CVE
added 2025/09/15 2:21 p.m. · 4 views

CVE-2022-50267

In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host. mmc_add_host may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host will be leaked and it will lead a kernel crash because of deleting not added...

5.5 CVSS · 5.3 AI score · 0.00145 EPSS
Exploits 0
RedhatCVE
added 2025/05/23 6:5 a.m. · 5 views

CVE-2023-30956

A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0...

5.3 CVSS · 6.8 AI score · 0.00377 EPSS
Exploits 0 · References 1
CNNVD
added 2025/04/01 12:0 a.m. · 2 views

WordPress plugin WooCommerce Fattureincloud Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

7.1 CVSS · 7.9 AI score · 0.00293 EPSS
Exploits 0 · References 2
Cvelist
added 2025/03/10 2:34 p.m. · 13 views

CVE-2025-26933 WordPress Place Order Without Payment for WooCommerce plugin <= 2.6.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nitin Prakash WC Place Order Without Payment wc-place-order-without-payment allows PHP Local File Inclusion.This issue affects WC Place Order Without Payment: from n/a through =...

7.5 CVSS · 0.00517 EPSS
Exploits 0 · References 1
Patchstack
added 2025/01/15 11:2 a.m. · 7 views

WordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin ApplyOnline versions <= 2.6.7.1...

4.3 CVSS · 8.2 AI score · 0.00243 EPSS
Exploits 0 · Affected Software 1
Positive Technologies
added 2023/07/01 12:0 a.m. · 9 views

PT-2023-24941 · WordPress · Ultimate Member

Name of the Vulnerable Software and Affected Versions: Ultimate Member WordPress plugin versions prior to 2.6.7 Description: The issue allows attackers to create user accounts with arbitrary capabilities, effectively enabling them to create administrator accounts at will. This is being actively...

9.8 CVSS · 9.7 AI score · 0.72306 EPSS
Exploits 12 · References 17
SUSE CVE
added 2023/02/15 3:39 a.m. · 2 views

SUSE CVE-2021-36782

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versio...

9.9 CVSS · 8.7 AI score · 0.0293 EPSS
Exploits 3 · References 7
Positive Technologies
added 2022/12/08 12:0 a.m. · 5 views

PT-2022-36479 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to a potential security problem in the net/x25 component, specifically in the x25_lapb_receive_frame function, where a skb leak may occur. The actual impact and attack...

7.3 AI score
Exploits 0 · References 1
OSV
added 2022/08/05 5:15 p.m. · 5 views

CVE-2022-2675

Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 using firmware version 0.1.35 can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1...

6.5 CVSS · 5.8 AI score · 0.00455 EPSS
Exploits 0 · References 3
Circl
added 2022/05/27 12:14 a.m. · 5 views

CVE-2022-26756

creationtimestamp | type | source
---|---|---
2022-05-27 00:14:36+00:00 | seen | https://t.me/cibsecurity/43455...

9.3 CVSS · 7.4 AI score · 0.00922 EPSS
Exploits 0 · References 1
OSV
added 2021/02/15 5:15 p.m. · 7 views

AZL-6437 CVE-2021-27218 affecting package glib for versions less than 2.60.1-5

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation...

7.5 CVSS · 7 AI score · 0.04193 EPSS
Exploits 0 · References 1
Positive Technologies
added 2021/01/01 12:0 a.m. · 13 views

PT-2021-3164

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x before 2.9.10.8; FasterXML jackson-databind versions 2.6.x before 2.6.7.5 Description: The issue is related to the interaction between serialization gadgets and typing, specifically with the...

9.3 CVSS · 6.8 AI score · 0.20929 EPSS
Exploits 11 · References 44
Positive Technologies
added 2020/02/10 12:0 a.m. · 6 views

PT-2020-9918 · Apache · Apache Dubbo

Name of the Vulnerable Software and Affected Versions: Apache Dubbo versions 2.5.x Apache Dubbo versions 2.6.0 through 2.6.7 Apache Dubbo versions 2.7.0 through 2.7.4 Description: Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a PO...

9.8 CVSS · 7.3 AI score · 0.35564 EPSS
Exploits 2 · References 15
CNVD
added 2019/08/01 12:0 a.m. · 3 views

CImg Heap Buffer Overflow Vulnerability

CImg Library is an open source C++ library for image processing. A buffer overflow vulnerability exists in the loadbmp file in the CImg.h file in CImg Library versions 2.6.7 and earlier. The vulnerability stems from a networked system or product performing operations in memory without properly...

8.8 CVSS · 7.3 AI score · 0.01749 EPSS
Exploits 0 · References 1