Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/02/17 1:38 a.m.7 views

CVE-2026-2525

A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

7.5CVSS5.2AI score0.00493EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.2 views

CVE-2025-67955

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TangibleWP MyHome Core myhome-core allows PHP Local File Inclusion.This issue affects MyHome Core: from n/a through = 4.1.0...

7.5CVSS5.4AI score0.00463EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30585

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.5 views

CVE-2024-26481

Kirby CMS v4.1.0 was discovered to contain a reflected self-XSS vulnerability via the URL parameter...

4.7CVSS7.2AI score0.00405EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.5 views

CVE-2024-26482

An HTML injection vulnerability exists in the Edit Content Layout module of Kirby CMS v4.1.0. NOTE: the vendor disputes the significance of this report because some HTML formatting such as with an H1 element is allowed, but there is backend sanitization such that the reporter's mentioned "injecti...

7.1CVSS6.9AI score0.0032EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:59 a.m.7 views

CVE-2023-51490

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPMU DEV Defender Security – Malware Scanner, Login Security & Firewall.This issue affects Defender Security – Malware Scanner, Login Security & Firewall: from n/a through 4.1.0...

7.5CVSS7.8AI score0.0048EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.19 views

CVE-2025-47509 WordPress Top 10 plugin <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ajay Top 10 top-10 allows Stored XSS.This issue affects Top 10: from n/a through = 4.1.0...

6.5CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2025/02/28 1:42 p.m.76 views

CVE-2025-1747

CVE-2025-1747 describes HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. The issue allows an attacker to modify the HTML of a victim’s browser by sending a malicious URL and altering the parameter name in /account/login. Affected software: OpenCart (opencart/opencart package in...

4.7CVSS5.1AI score0.00237EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.5 views

Apache Superset 安全漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security vulnerability exists in Apache Superset versions prior to 4.1.0 that stems from improper authorization, which allows an attacker with SQLLab access to construct specially crafted SQL D...

7.1CVSS6.9AI score0.02562EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.3 views

PT-2024-4042 · Unknown +5 · Tpm2 Software Stack +5

Name of the Vulnerable Software and Affected Versions: TPM2 Software Stack versions prior to 4.1.0 Description: The issue is related to the TPM2 GENERATED VALUE function in the TCG TPM2 TPM2 Software Stack implementation. It lacks a check to ensure the magic number in the attest matches the TPM2...

6.4CVSS7.9AI score0.00519EPSS
Exploits1References41
CNNVD
CNNVD
added 2024/02/22 12:0 a.m.3 views

Kirby security breach

Kirby is a file-based content management system CMS. A security vulnerability exists in Kirby CMS version v4.1.0, which stems from a Reflected Cross-Site Scripting XSS vulnerability via URL parameters...

4.7CVSS5.8AI score0.00405EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/11/17 12:0 a.m.5 views

PT-2022-26771 · Unknown · Kkfileview

Name of the Vulnerable Software and Affected Versions: kkFileView version 4.1.0 Description: The issue allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url parameter. This is achieved through a Server-Side Request Forgery SSRF in the...

7.5CVSS7.5AI score0.01949EPSS
Exploits1References4
CNVD
CNVD
added 2019/10/24 12:0 a.m.4 views

Apache POI Information Disclosure Vulnerability

Apache POI is an open source JAVA library for reading and writing Microsoft document formats . An information disclosure vulnerability exists in Apache POI 4.1.0 and earlier versions. When converting a user-supplied Microsoft Excel document using the XSSFExportToXml tool, an attacker can exploit...

5.5CVSS5.8AI score0.0099EPSS
Exploits0References1
OSV
OSV
added 2019/07/10 12:0 p.m.2 views

UBUNTU-CVE-2019-10191

A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol...

7.5CVSS6.6AI score0.01932EPSS
Exploits0References3
CNVD
CNVD
added 2019/02/25 12:0 a.m.2 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-05295)

WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. WUZHI CMS version 4.1.0 in the existence of cross-site scripting vulnerability, a remote attacker can / index.php?m=core&f=map&v=baidumap URL 'x' and 'y' parameters to exploit the The...

6.1CVSS6AI score0.00853EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/29 12:0 a.m.2 views

WUZHI CMS SQL Injection Vulnerability (CNVD-2019-03304)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the coreframe/app/coupon/admin/copyfrom.php file in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerabili...

9.8CVSS10AI score0.01537EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/18 12:0 a.m.5 views

GNU oSIP libosip2 Denial of Service Vulnerability (CNVD-2017-07201)

GNU oSIP is a library developed by the GNU Project to provide developers with an interface to multimedia and communications. libosip2 is a standard library for multithreading safety written in C. It is a library that is used in the GNU Project. A denial of service vulnerability exists in the...

7.5CVSS7.2AI score0.01499EPSS
Exploits0References1
Rows per page
Query Builder