1395 matches found

CNNVD
added 2025/10/10 12:0 a.m. | 7 views

FreeRTOS-Plus-TCP Security Vulnerability

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP that stems from a lack of validation checks in the UDP/IPv6 packet processing code, which could lead to invalid pointer dereferences...

5.3 CVSS | 6.6 AI score | 0.00308 EPSS
Exploits 0 | References 3

Positive Technologies
added 2025/10/10 12:0 a.m. | 4 views

PT-2025-41582

Name of the Vulnerable Software and Affected Versions: FreeRTOS-Plus-TCP (affected versions not specified). Description: A missing validation check in the ICMPv6 packet processing code can result in an out-of-bounds read when receiving ICMPv6 packets of specific message types that are smaller than...

5.4 CVSS | 6.7 AI score | 0.00279 EPSS
Exploits 0 | References 7

ATTACKERKB
added 2025/10/07 6:10 p.m. | 6 views

CVE-2025-8291

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value, and that value would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...

4.3 CVSS | 6 AI score | 0.00345 EPSS
Exploits 0 | References 11 | Affected Software 1

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-10404

Malware in sbrugna...

5.3 CVSS | 6 AI score | 0.01133 EPSS
Exploits 0 | References 5

CNNVD
added 2025/10/07 12:0 a.m. | 2 views

BBMRI-ERIC Negotiator Cross-Site Scripting Vulnerability

BBMRI-ERIC Negotiator is a biospecimen repository access tool from BBMRI-ERIC, Austria. A cross-site scripting vulnerability exists in BBMRI-ERIC Negotiator version v3.15.2, which stems from a lack of user input validation and could lead to a stored cross-site scripting attack...

5.1 CVSS | 5.9 AI score | 0.00326 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/10/04 11:53 a.m. | 13 views

CVE-2025-10311

The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...

4.3 CVSS | 5.4 AI score | 0.00136 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/10/04 11:53 a.m. | 16 views

CVE-2025-9897

The AP Background plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to missing or incorrect nonce validation on the advParallaxBackAdminSaveSlider function. This makes it possible for unauthenticated attackers to create or...

4.3 CVSS | 5.2 AI score | 0.00124 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/10/04 11:53 a.m. | 9 views

CVE-2025-9213

The TextBuilder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 1.0.0 to 1.1.1. This is due to missing or incorrect nonce validation on the 'handleToken' function. This makes it possible for unauthenticated attackers to update a user's authorization token via a forged...

8.8 CVSS | 5.9 AI score | 0.00168 EPSS
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-26521

Malicious code in bioql PyPI...

9.1 CVSS | 6.4 AI score | 0.00446 EPSS
Exploits 1 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-32286

Malicious code in bioql PyPI...

4.3 CVSS | 6.6 AI score | 0.00136 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 9 views

EUVD-2025-26458

Malicious code in bioql PyPI...

7.8 CVSS | 7.6 AI score | 0.00235 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-25003

Malicious code in bioql PyPI...

6.1 CVSS | 6.4 AI score | 0.00141 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-30927

Malicious code in bioql PyPI...

6.6 AI score | 0.00151 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-24000

Malicious code in bioql PyPI...

9.8 CVSS | 6.5 AI score | 0.00873 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 22 views

EUVD-2025-24006

Malicious code in bioql PyPI...

8.8 CVSS | 4.5 AI score | 0.00526 EPSS
Exploits 3 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-25057

Malicious code in bioql PyPI...

6.1 CVSS | 6.5 AI score | 0.00127 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-25809

Malicious code in bioql PyPI...

4.7 CVSS | 6.5 AI score | 0.00175 EPSS
Exploits 0 | References 2

NVD
added 2025/10/03 12:15 p.m. | 7 views

CVE-2025-9895

The Notification Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the 'subscriber-list-empty.php' file. This makes it possible for unauthenticated attackers to empty the subscrib...

4.3 CVSS | 0.00124 EPSS
Exploits 0 | References 2

NVD
added 2025/10/03 12:15 p.m. | 6 views

CVE-2025-9892

The Restrict User Registration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the update function. This makes it possible for unauthenticated attackers to update the plugin's...

5.3 CVSS | 0.00143 EPSS
Exploits 0 | References 2

NVD
added 2025/10/03 12:15 p.m. | 14 views

CVE-2025-10302

The Ultimate Viral Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the saveoptions function. This makes it possible for unauthenticated attackers to update the plugin's settings...

4.3 CVSS | 0.00124 EPSS
Exploits 0 | References 2