Lucene search
+L

16 matches found

OSV
OSV
added 2026/06/10 5:11 p.m.9 views

MGASA-2026-0192 Updated postfix packages fix security vulnerability

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. CVE-2026-43964...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References5
Mageia
Mageia
added 2026/06/10 5:11 p.m.11 views

Updated postfix packages fix security vulnerability

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. CVE-2026-43964...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/04 6:10 p.m.12 views

CVE-2026-43964

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

3.7CVSS6.1AI score0.00415EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/11/19 5:15 p.m.4 views

CVE-2024-50515

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16...

4.8CVSS5.8AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2024/11/19 5:15 p.m.3 views

CVE-2024-50514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.16...

4.8CVSS5.8AI score0.0038EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.4 views

PT-2024-34290 · Unknown · Ninja Forms

Name of the Vulnerable Software and Affected Versions: Ninja Forms versions 3.8.16 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject maliciou...

5.9CVSS6.9AI score0.0038EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.4 views

WordPress plugin Ninja Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.9CVSS6.6AI score0.0038EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/28 12:0 a.m.15 views

WordPress Ninja Forms Plugin <= 3.8.16 is vulnerable to Cross Site Scripting (XSS)

Software Ninja Forms Type Plugin Vulnerable versions = 3.8.16 Fixed in 3.8.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50515 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e2d92f3518fa Credits Hwang Se-yeon Required privilege...

5.9CVSS6.5AI score0.0038EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2022/12/19 12:0 a.m.21 views

Python DoS Vulnerability (Oct 2022) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

7.5CVSS7.8AI score0.02453EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/11/22 12:0 a.m.28 views

Python <= 3.10.x Buffer Overflow Vulnerability - Linux

Python is prone to a buffer overflow vulnerability in the sha3 module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS10AI score0.05193EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.14 views

Python Shell Command Injection Vulnerability (bpo-24778) - Windows

Python is prone to a shell command injection vulnerability in the mailcap module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8CVSS8.2AI score0.07269EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.13 views

Python Shell Command Injection Vulnerability (bpo-24778) - Linux

Python is prone to a shell command injection vulnerability in the mailcap module. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8CVSS8.2AI score0.07269EPSS
Exploits1References5
OSV
OSV
added 2021/06/18 3:15 a.m.5 views

CVE-2021-34811

Server-Side Request Forgery SSRF vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to access intranet resources via unspecified vectors...

4.3CVSS5.8AI score0.00764EPSS
Exploits0References1
OSV
OSV
added 2021/06/18 3:15 a.m.4 views

CVE-2021-34810

Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors...

8.8CVSS7.6AI score0.01369EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2021/06/01 12:0 a.m.169 views

[ASA-202106-17] rabbitmq: denial of service

Arch Linux Security Advisory ASA-202106-17 ========================================== Severity: Medium Date : 2021-06-01 CVE-ID : CVE-2021-22116 Package : rabbitmq Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1966 Summary ======= The package rabbitmq before...

7.5CVSS2.3AI score0.01387EPSS
Exploits0References3
OSV
OSV
added 2013/08/23 4:55 p.m.4 views

DEBIAN-CVE-2013-3371

Cross-site scripting XSS vulnerability in Request Tracker RT 3.8.3 through 3.8.16 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the filename of an attachment...

4.3CVSS6.1AI score0.0206EPSS
Exploits0References1
Rows per page
Query Builder