Lucene search
K

20 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libwebp

A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the ShiftBytes function...

9.1CVSS7.2AI score0.02051EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libwebp

A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the GetLE16 function...

9.1CVSS7.2AI score0.021EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS5.5AI score0.00121EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.5 views

CVE-2025-53237 WordPress WP Wizard Cloak Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Soflyy WP Wizard Cloak wp-wizard-cloak allows Reflected XSS.This issue affects WP Wizard Cloak: from n/a through = 1.0.1...

7.1CVSS5.3AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:26 a.m.5 views

CVE-2026-0946

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...

6.1CVSS5.3AI score0.00149EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/04 8:25 p.m.2 views

CVE-2026-0946 AT Internet SmartTag - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-003

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...

5.3AI score0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.18 views

PT-2026-51155

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 1.0.1 Description Unsafe pickle deserialization allows unauthenticated attackers to create arbitrary zero-byte files. This is achieved through the instantiation of the logging.FileHandler class. By crafting malicio...

6.9CVSS6.5AI score0.00288EPSS
Exploits1References16
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.7 views

PT-2025-48709

CVE-2025-12630 The https://t.co/qJXADBHssq WordPress plugin before 1.0.1 is vulnerable to arbitrary option disclosure due to a missing capability check on its AJAX request handler, allowing user… https://t.co/IEMrlN1EhJ...

4.9CVSS6.6AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2025/10/30 12:31 a.m.4 views

GHSA-JXP8-4JW5-5XJC Drupal Umami Analytics allows Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

3.8CVSS5.9AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2025/10/30 12:15 a.m.4 views

CVE-2025-10931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...

3.8CVSS5.8AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-2978

Malware in sbrugna...

7.5CVSS6.4AI score0.01093EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/18 12:0 a.m.5 views

SAMSUNG Memory Card & UFD Authentication Utility PC Software Code Issue Vulnerability

SAMSUNG Memory Card & UFD Authentication Utility PC Software is a memory card and UFD authentication utility program from SAMSUNG Korea. A security vulnerability exists in SAMSUNG Memory Card & UFD Authentication Utility PC Software prior to version 1.0.1, which stems from a DLL hijacking...

7.3CVSS6.7AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2023/08/08 12:15 p.m.4 views

CVE-2023-3716

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oduyo Online Collection Software allows SQL Injection.This issue affects Online Collection Software: before 1.0.1...

9.8CVSS5.8AI score0.00519EPSS
Exploits0References1
OSV
OSV
added 2021/05/21 5:15 p.m.2 views

DEBIAN-CVE-2018-25012

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24...

9.1CVSS7.3AI score0.02051EPSS
Exploits0References1
OSV
OSV
added 2021/05/21 5:15 p.m.3 views

DEBIAN-CVE-2018-25013

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes...

9.1CVSS8.6AI score0.02051EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.2 views

libwebp 缓冲区错误漏洞

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of libwebp prior to 1.0.1. An attacker can exploit the vulnerability to affect data confidentiality, integrity, and system availability...

9.8CVSS7.4AI score0.02513EPSS
Exploits0References31
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.3 views

libwebp 缓冲区错误漏洞

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from a heap buffer overflow in the WebPDecodeRGBInto function, caused by an invalid check of the buffer size. An attacker can exploit the...

9.8CVSS7.7AI score0.02662EPSS
Exploits0References28
CNVD
CNVD
added 2019/08/29 12:0 a.m.3 views

WordPress cp-polls plugin cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress cp-polls plugin versions prior to 1.0.1. The vulnerability stems...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References1
OSV
OSV
added 2019/02/18 11:56 p.m.2 views

GHSA-2MHH-W6Q8-5HXW Remote Memory Disclosure in ws

Versions of ws prior to 1.0.1 are affected by a remote memory disclosure vulnerability. In certain rare circumstances, applications which allow users to control the arguments of a client.ping call will cause ws to send the contents of an allocated but non-zero-filled buffer to the server. This ma...

7.5CVSS6AI score0.02015EPSS
Exploits0References6
OSV
OSV
added 2017/08/18 9:29 p.m.1 views

DEBIAN-CVE-2017-12959

There is a reachable assertion abort in the function dictaddmrset in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack...

7.5CVSS7.3AI score0.01262EPSS
Exploits0References1
Rows per page
Query Builder