Lucene search
K

36 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-10854

Malware in sbrugna...

4.8CVSS4.9AI score0.00547EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-39845

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01105EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/24 6:30 p.m.4 views

CVE-2025-57977

Cross-Site Request Forgery CSRF vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress flexible-invoices allows Cross Site Request Forgery.This issue affects Flexible PDF Invoices for WooCommerce & WordPress: from n/a through = 6.0.13...

7.1CVSS5.9AI score0.00144EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/22 7:4 p.m.4 views

WordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by theviper17 in WordPress Plugin Flexible PDF Invoices for WooCommerce & WordPress versions = 6.0.13...

7.1CVSS6.6AI score0.00144EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/09/22 6:24 p.m.11 views

CVE-2025-57977

CVE-2025-57977 is a CSRF vulnerability in the WordPress plugin Flexible PDF Invoices for WooCommerce & WordPress (≤ 6.0.13). Affected component is the plugin’s CSRF handling in the invoice generation/related actions. CVSS metrics from Patchstack/NVD indicate: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H w...

7.1CVSS5.1AI score0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:24 p.m.11 views

CVE-2025-57977 WordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress flexible-invoices allows Cross Site Request Forgery.This issue affects Flexible PDF Invoices for WooCommerce & WordPress: from n/a through = 6.0.13...

7.1CVSS0.00144EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2024/04/09 12:0 a.m.30 views

varnish security update

varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 varnish-modules...

7.5CVSS7.3AI score0.03663EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/11/30 12:0 a.m.23 views

VMware Spring Framework 6.0.0 - 6.0.13 DoS Vulnerability

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.8AI score0.0115EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.4 views

PT-2023-20550 · Tibco Software · Tibco Ebx +1

Name of the Vulnerable Software and Affected Versions: TIBCO EBX versions 5.9.22 and below TIBCO EBX versions 6.0.13 and below TIBCO Product and Service Catalog powered by TIBCO EBX versions 5.0.0 and below Description: The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO...

8.7CVSS5.3AI score0.00468EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/29 8:15 p.m.3 views

CVE-2022-44720

An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot...

9.8CVSS7.4AI score0.02532EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/06/29 8:15 p.m.4 views

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

7.5CVSS7.2AI score0.00734EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.6 views

Ucopia 安全漏洞

Ucopia Express is a device used for Wifi management by the French company Ucopia. A security vulnerability exists in Ucopia versions prior to 6.0.13, which stems from an SSH server with insecure privileges...

7.5CVSS7.3AI score0.00734EPSS
Exploits1References3
OSV
OSV
added 2023/06/19 4:15 a.m.23 views

CVE-2023-35852

In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...

7.5CVSS6.8AI score
Exploits0References5
OSV
OSV
added 2023/06/19 4:15 a.m.1 views

UBUNTU-CVE-2023-35852

In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...

7.5CVSS7.1AI score0.01105EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29477

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. The...

8.8CVSS8.4AI score0.04028EPSS
Exploits0References6
Snyk
Snyk
added 2023/02/14 10:0 p.m.2 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.13,...

7.8CVSS7.2AI score0.01148EPSS
Exploits0References2
OSV
OSV
added 2023/01/17 3:56 p.m.13 views

GSD-2023-1000048 media: v4l2-dv-timings.c: fix too strict blanking sanity checks

media: v4l2-dv-timings.c: fix too strict blanking sanity checks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 3:56 p.m.7 views

GSD-2023-1000047 mm/gup: fix gup_pud_range() for dax

mm/gup: fix guppudrange for dax This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit e06d13c36ded750c72521b600293befebb4e56c5, it w...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.2 views

PT-2023-33135 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the use of kzalloc in fbcon prepare logo. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.3 views

PT-2023-33112 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the use of this cpu add in preemptible contexts within the netfilter conntrack component. The actual impact and potential for attacks have not been fully proven...

7.2AI score
Exploits0References1
Rows per page
Query Builder