Lucene search
+L

88 matches found

CNNVD
CNNVD
added 2025/04/09 12:0 a.m.5 views

WordPress plugin WP shop 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

9.6CVSS8.8AI score0.00248EPSS
Exploits0References1
OSV
OSV
added 2025/03/31 4:15 p.m.6 views

PYSEC-2025-195

A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...

4.8CVSS5.5AI score0.00183EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.4 views

WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Service Payment Form With Authorize.net versions = 2.6.0...

7.1CVSS6.1AI score0.00197EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.9 views

PT-2025-49260

Name of the Vulnerable Software and Affected Versions urllib3 versions 1.24 through 2.5.9 Description urllib3 is a user-friendly HTTP client library for Python. In versions starting from 1.24 and prior to 2.6.0, the decompression chain had an unbounded number of links. This allowed a malicious...

8.9CVSS7.7AI score0.00633EPSS
Exploits0References170
OSV
OSV
added 2024/06/25 12:0 a.m.6 views

UBUNTU-CVE-2024-28882

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session...

4.3CVSS7.2AI score0.00665EPSS
Exploits0References3
OSV
OSV
added 2024/01/08 6:15 p.m.4 views

BELL-CVE-2022-2602 CVE-2022-2602 does not affect BellSoft software

Bulletin has no description...

7CVSS7.3AI score0.01433EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.4 views

PaddlePaddle Operating System Command Injection Vulnerability

PaddlePaddle is an independent R&D deep learning platform open-sourced by China's PaddlePaddle. PaddlePaddle 2.6.0 version of the previous security vulnerability, the vulnerability stems from may lead to remote code execution vulnerability...

9.8CVSS8AI score0.01172EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/12/04 5:15 p.m.4 views

CVE-2023-48967

Ssolon = 2.6.0 and =2.5.12 is vulnerable to Deserialization of Untrusted Data...

9.8CVSS5.8AI score0.00916EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.5 views

Netgate pfSense CE Security Vulnerability

Netgate pfSense CE is a free and open source FreeBSD-based firewall and router software. A security vulnerability exists in Netgate pfSense CE version 2.6.0, which stems from the vulnerability to receive an unrate-limited attack that allows an attacker to create multiple malicious users in the...

4.9CVSS6.8AI score0.0163EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.5 views

WordPress Plugin Ultimate Member 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS7.7AI score0.00227EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/02 12:0 a.m.6 views

J2eeFAST 跨站脚本漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . A cross-site scripting vulnerability exists in J2eeFAST version 2.6.0 and earlier versions. An attacker can exploit this...

5.4CVSS4.8AI score0.00522EPSS
Exploits1References5
OSV
OSV
added 2023/02/16 6:19 p.m.7 views

CLSA-2023-1676571549 Update of nss

Update to CKBI 2.60 from NSS 3.86 - Removed: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "DST Root CA X3" - Certificate "EC-ACC" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "GlobalSign Root CA - R2" -...

5.8AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.5 views

SUSE CVE-2021-37635

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The implementation fails to validate that each reduction group does not overfl...

7.1CVSS5.8AI score0.00167EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.5 views

SUSE CVE-2021-37642

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.ResourceScatterDiv is vulnerable to a division by 0 error. The implementation uses a common class for all binary operations but fails to treat the division by 0 case...

5.5CVSS4.9AI score0.00154EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.3 views

SUSE CVE-2021-37687

TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's GatherNd implementation does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with...

5.5CVSS5AI score0.00191EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.5 views

SUSE CVE-2021-37690

TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions such as MutableHashTableShape produce extra output information in the form of a ShapeAndType struct. The shapes embedded in this struct are owned by an inferenc...

6.6CVSS5.3AI score0.00163EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.3 views

PT-2023-14940 · WordPress · Real Testimonials

Name of the Vulnerable Software and Affected Versions: The Real Testimonials WordPress plugin versions prior to 2.6.0 Description: The issue arises from the plugin's failure to validate and escape some of its shortcode attributes before outputting them back in the page. This could allow users wit...

5.4CVSS6.1AI score0.00471EPSS
Exploits2References6
NCSC
NCSC
added 2022/02/24 12:0 a.m.8 views

Vulnerability fixed in pfSense

NetGate has fixed a vulnerability in pfSense versions lower than and equal to 2.5.2. A malicious person with user privileges within the same network is able to write arbitrary code to the system. Due to the lack of Cross-Site Request Forgery Protection CSRF on the vulnerable system, it is possibl...

9CVSS6.7AI score0.87113EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2022/02/10 12:15 a.m.4 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-21725 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-21725 Source advisory: OSV:GHSA-V3F7-J968-4H5F...

6.5CVSS6.5AI score0.00783EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 11:57 p.m.6 views

alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-23584 via tensorflow (>=2.6.0 <=2.6.2)

tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-23584 Source advisory: OSV:GHSA-24X4-6QMH-88QG...

7.6CVSS6.5AI score0.00725EPSS
Exploits1
Rows per page
Query Builder