Lucene search
+L

216 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-28522

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00271EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-18864

Malicious code in bioql PyPI...

6.1CVSS8.1AI score0.00309EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-24045

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00629EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.13 views

EUVD-2025-21531

Malicious code in bioql PyPI...

6.1CVSS7.6AI score0.00224EPSS
Exploits0References1
osv
osv
added 2025/09/19 12:17 p.m.7 views

SUSE-SU-2025:03276-1 Security update for mariadb

This update for mariadb fixes the following issues: Update to version 10.6.23. Security issues fixed: - CVE-2025-21490: InnoDB issue allows high privileged attacker with network access to cause a hang or frequently repeatable crash of MySQL Server bsc1243356. - CVE-2025-30693: InnoDB issue allows...

6.8CVSS5.8AI score0.01236EPSS
Exploits0References11
cve
cve
added 2025/09/11 7:25 a.m.18 views

CVE-2025-8425

CVE-2025-8425 affects the WordPress plugin My WP Translate (versions

8.8CVSS5.5AI score0.00284EPSS
Exploits0References2
cvelist
cvelist
added 2025/09/11 7:25 a.m.8 views

CVE-2025-8425 My WP Translate <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajaximportstrings function in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...

8.8CVSS0.00284EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/08/21 5:28 a.m.5 views

CVE-2025-7221 GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Missing Authorization to Donation Update

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the giveupdatepaymentstatus function in all versions up to, and including, 4.5.0. This makes it possible for authenticated attackers,...

4.3CVSS6.7AI score0.00227EPSS
Exploits0References3
cvelist
cvelist
added 2025/08/15 4:29 a.m.16 views

CVE-2025-31961 HCL Connections is vulnerable to broken access control

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

3.7CVSS0.0014EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 11:38 a.m.7 views

CVE-2025-21544

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications component: Security. Supported versions that are affected are 7.4.0, 7.4.1 and 7.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

5.4CVSS6.1AI score0.00253EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:50 a.m.5 views

CVE-2024-11851

The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropackrmlnotification function in all versions up to, and including, 1.17.0. This makes it possible for authenticated attackers, with subscriber access or higher...

4.3CVSS6.6AI score0.00271EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 2:59 a.m.5 views

CVE-2023-1335

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS5.2AI score0.00548EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 9:3 p.m.6 views

CVE-2021-2008

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager component: FMW Control Plugin. The supported version that is affected are 11.1.1.9 and 12.2.1.3 Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

7.5CVSS6AI score0.00907EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/03/02 12:19 a.m.6 views

CVE-2025-1687

The Cardealer theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.4. This is due to missing nonce validation on the 'updateuserprofile' function. This makes it possible for unauthenticated attackers to update the user email and password via a forg...

8.8CVSS6.5AI score0.00262EPSS
Exploits0References1
redhat
redhat
added 2025/02/19 11:10 a.m.2 views

mysql: Privilege Misuse in MySQL Server Security Component

A flaw was found in MySQL Server component: Security: Privileges. This issue can allow unauthorized update, insert, or delete access to MySQL Server data and unauthorized read access to a subset of data via multiple protocols...

3.8CVSS5.7AI score0.00556EPSS
Exploits0References5
redhat
redhat
added 2025/02/19 10:31 a.m.4 views

mysql: Privilege Misuse in MySQL Server Security Component

A flaw was found in MySQL Server component: Security: Privileges. This issue can allow unauthorized update, insert, or delete access to MySQL Server data and unauthorized read access to a subset of data via multiple protocols...

3.8CVSS5.7AI score0.00556EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/02/15 12:0 a.m.26 views

PT-2025-6546 · WordPress · Team Members Showcase Plugin

Name of the Vulnerable Software and Affected Versions: The Team – Team Members Showcase Plugin plugin for WordPress versions up to, and including, 4.4.9 Description: The issue is related to unauthorized access due to a missing capability check on the response function. This allows authenticated...

4.3CVSS9.2AI score0.00317EPSS
Exploits0References11
redhatcve
redhatcve
added 2025/02/05 2:30 p.m.11 views

CVE-2020-2827

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Print Server. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One...

8.2CVSS7.2AI score0.01282EPSS
Exploits0References3
osv
osv
added 2025/01/21 9:15 p.m.4 views

CVE-2025-21558

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 20.12.1.0-20.12.21.5, 21.12.1.0-21.12.20.0 and 22.12.1.0. Easily exploitable vulnerability allows low privileged...

5.4CVSS7.3AI score0.00253EPSS
Exploits0References1
osv
osv
added 2025/01/21 9:15 p.m.4 views

CVE-2025-21544

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications component: Security. Supported versions that are affected are 7.4.0, 7.4.1 and 7.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

5.4CVSS7.3AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder