Lucene search
+L

149 matches found

CNNVD
CNNVD
added 2025/02/07 12:0 a.m.5 views

Braina 安全漏洞

Braina is an intelligent personal assistant software for Windows PCs from Braina that allows you to interact with your computer using voice commands. A security vulnerability exists in Braina version v2.8, which originates from a remote attacker obtaining sensitive information through the chat...

7.5CVSS6.5AI score0.00553EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:10 a.m.5 views

CVE-2024-54219

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thehp AIO Contact aio-contact.This issue affects AIO Contact: from n/a through = 2.8.1...

7.1CVSS7.2AI score0.00354EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/08 12:0 a.m.7 views

CPDF 安全漏洞

CPDF is a PDF command line tool from the individual developer John Whitington. A security vulnerability exists in CPDF 2.8 and earlier versions, which stems from allowing the use of a stack through a carefully crafted PDF document...

4CVSS6.7AI score0.00196EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/03 2:30 p.m.6 views

WordPress NPS computy plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin NPS computy versions = 2.8.0...

6.1CVSS6.3AI score0.00285EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/05 11:15 a.m.5 views

CVE-2024-9178

The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...

5.4CVSS7.4AI score0.00323EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.4 views

WordPress plugin Email Verification for WooCommerce SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

9.3CVSS7.8AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/10 12:0 a.m.2 views

Classroombookings 安全漏洞

Classroombookings is a Php, Mysql based school room booking system by Craig A Rodway Individual Developer. A security vulnerability exists in Classroombookings version 2.8.7, which stems from the parameter Name of the file/sessions of the component Session Page can lead to a cross-site scripting...

5.1CVSS3.7AI score0.0044EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/06/26 12:0 a.m.4 views

skycaiji Security Breach

Skycaiji Blue Sky Collector is a free data collection and publishing crawler software from China Nanchang ZhuoLan Technology Co., Ltd, which is developed by php+mysql and can be deployed on cloud servers. A security vulnerability exists in skycaiji version 2.8, which stems from a cross-site...

6.1CVSS6.2AI score0.00278EPSS
Exploits0References2
OSV
OSV
added 2024/05/17 7:15 a.m.1 views

CVE-2023-33321

Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6...

5.3CVSS7.3AI score
Exploits0References1
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.3 views

TOTOLINK N300RT 安全漏洞

The TOTOLINK N300RT is an 802.11n compliant wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK N300RT version V2.1.8-B20201030.1539, which originates from a stored cross-site scripting vulnerability in the WDS Settings function on the Wireless page...

6.1CVSS6AI score0.00415EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.3 views

WordPress Plugin Social Media Share Buttons & Social Sharing Icons 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in the WordPress Plugi...

5.9CVSS8.1AI score0.00405EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.6 views

Apache Airflow 安全漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions 2.8.2 through 2.8...

5.3CVSS6.6AI score0.0146EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.7 views

WordPress Plugin Ultimate Member Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

7.2CVSS5.7AI score0.26666EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/03/07 12:0 a.m.6 views

WordPress Plugin buddyforms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.2CVSS6.5AI score0.00725EPSS
Exploits0References4
OSV
OSV
added 2024/01/17 4:15 p.m.7 views

CVE-2022-38141

Missing Authorization vulnerability in Zorem Sales Report Email for WooCommerce.This issue affects Sales Report Email for WooCommerce: from n/a through 2.8...

6.5CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/27 12:0 a.m.4 views

Jayway JsonPath Security Vulnerability

Jayway JsonPath is json-path open source a Java DSL for reading Json documents. A security vulnerability exists in Jayway JsonPath version v2.8.0, which stems from a stack overflow vulnerability in the Criteria.parse method...

5.3CVSS7.8AI score0.0067EPSS
Exploits1References8
OSV
OSV
added 2023/12/07 2:15 a.m.5 views

CVE-2023-5712

The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdglobalvalue function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS5.8AI score0.00432EPSS
Exploits0References3
OSV
OSV
added 2023/11/16 5:15 p.m.4 views

CVE-2023-6019

A command injection existed in Ray's cpuprofile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...

9.8CVSS5.9AI score0.7463EPSS
Exploits15References1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

EMSigner Security Vulnerability

EMSigner is an electronic signature solution from EMSigner India. A security vulnerability exists in EMSigner version v2.8.7, which stems from a vulnerability that allows an attacker to gain unauthorized access to application content and view sensitive data of other users by manipulating the...

6.5CVSS6.8AI score0.00581EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.7 views

PT-2023-27500 · Unknown · Welcart E-Commerce

Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce versions 2.7 to 2.8.21 Description: The issue allows a user with author or higher privilege to obtain partial information of the files on the web server due to a path traversal vulnerability. Recommendations: For Welcart...

4.3CVSS4.3AI score0.00597EPSS
Exploits0References5
Rows per page
Query Builder