Lucene search
K

29 matches found

NVD
NVD
added 5 days ago5 views

CVE-2026-57680

Unauthenticated Insecure Direct Object References IDOR in Kirki = 6.0.11 versions...

6.5CVSS0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.9 views

CVE-2025-12694

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

8.5CVSS5.5AI score0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:4 p.m.10 views

CVE-2025-12694

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

8.5CVSS5.8AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.21 views

PT-2026-46182

Name of the Vulnerable Software and Affected Versions Forcepoint VPN Client versions prior to 6.11.4 Description A local privilege escalation issue in Forcepoint VPN Client for Windows allows a non-administrative user to gain SYSTEM privileges...

8.5CVSS5.9AI score0.00104EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/23 12:0 a.m.11 views

Traccar 代码问题漏洞

Traccar is a Java-based website building system provided by the American company Traccar. This software supports over 170 GPS protocols and over 1,500 types of GPS tracking devices. Traccar can be used alongside any major SQL database systems. It also offers a user-friendly REST API. Versions of...

8.7CVSS5.7AI score0.00273EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.6 views

PT-2026-21558

Name of the Vulnerable Software and Affected Versions Traccar versions up to and including 6.11.1 Description The Traccar GPS tracking system is affected by an issue where authenticated users with device creation or editing privileges can manipulate the uniqueId parameter to specify an absolute...

6.5CVSS5.2AI score0.0032EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/23 12:0 a.m.8 views

Traccar 安全漏洞

Traccar is a Java-based website building system provided by the American company Traccar. This software supports over 170 GPS protocols and over 1500 types of GPS tracking devices. Traccar can be used alongside any major SQL database systems. It also offers a user-friendly REST API. Traccar...

6.5CVSS5.8AI score0.0032EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30215

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00178EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27243

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00218EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/11 1:23 p.m.5 views

CVE-2025-10095

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...

5.3CVSS7.9AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 10:15 a.m.4 views

CVE-2025-10095

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...

5.3CVSS0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/09 9:59 a.m.2 views

CVE-2025-10095 SQL injection in SMPP component of SMSEagle firmware

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...

5.3CVSS7.4AI score0.00218EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/09 9:59 a.m.7 views

CVE-2025-10095 SQL injection in SMPP component of SMSEagle firmware

A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interactions. The vulnerability is isolated to the SMPP server, which operates with its own dedicated...

5.3CVSS0.00218EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.8 views

PT-2025-36721

Name of the Vulnerable Software and Affected Versions: SMSEagle versions prior to 6.11 Description: A SQL injection vulnerability exists in the SMPP server component of the SMSEagle firmware. The issue stems from improper sanitization of user input in the server's scripts during database...

5.3CVSS7.3AI score0.00218EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2025/07/31 9:31 p.m.13 views

php-jwt contains weak encryption

php-jwt v6.11.0 was discovered to contain weak encryption...

6.5CVSS5.4AI score0.00137EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2025/07/31 9:31 p.m.7 views

GHSA-2X45-7FC3-MXWQ php-jwt contains weak encryption

php-jwt v6.11.0 was discovered to contain weak encryption...

6.9CVSS5.4AI score0.00137EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.8 views

PHP-JWT 安全漏洞

PHP-JWT is a simple library open-sourced by Firebase for encoding and decoding JSON Web Tokens JWT in PHP, compliant with RFC 7519. A security vulnerability exists in PHP-JWT version v6.11.0 that stems from weak encryption...

6.5CVSS6.6AI score0.00137EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/07/31 12:0 a.m.8 views

CVE-2025-45769

php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not...

7.3CVSS5.4AI score0.00137EPSS
Exploits0References9
OSV
OSV
added 2024/07/31 11:15 a.m.3 views

CVE-2024-6725

The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in all versions up to, and including, 6.11.1 due to insufficient input sanitization and output...

5.4CVSS5.9AI score0.00352EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/31 12:0 a.m.4 views

WordPress plugin Formidable Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.6AI score0.00352EPSS
Exploits0References4
Rows per page
Query Builder