Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Apache2

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

7.5CVSS7.7AI score0.64509EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 8:47 p.m.11 views

EUVD-2026-34325

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redirect the user to a malicious website controlled by an attacker. Version 2.4.28 fixes the issue...

4.7CVSS5.8AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.14 views

PT-2026-27253

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.21 views

CVE-2025-69391 WordPress Diamond theme <= 2.4.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GT3themes Diamond diamond allows Reflected XSS.This issue affects Diamond: from n/a through = 2.4.8...

7.1CVSS0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/18 12:28 a.m.9 views

WordPress Kali Forms plugin <= 2.4.8 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Form Data Exposure vulnerability

Insecure Direct Object Reference to Authenticated Contributor+ Sensitive Form Data Exposure vulnerability discovered by Youssef Elouaer in WordPress Plugin Kali Forms versions = 2.4.8...

4.3CVSS5.5AI score0.00289EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/04 4:48 p.m.2 views

CVE-2026-25115 n8n is vulnerable to Python sandbox escape

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

9.4CVSS5.6AI score0.00526EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.4 views

WordPress plugin Credova_Financial 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

7.1CVSS7AI score0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/29 8:19 p.m.5 views

WordPress T(-) Countdown plugin <= 2.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by theviper17y in WordPress Plugin T- Countdown versions = 2.4.8...

6.4CVSS5.8AI score0.00337EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/12 1:42 p.m.6 views

WordPress Busiprof theme <= 2.4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Busiprof versions = 2.4.8...

6.5CVSS6.1AI score0.00239EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/06/04 12:0 a.m.4 views

WordPress plugin Discussion Board 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS6AI score0.00357EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.5 views

WordPress Plugin WidgetKit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.4CVSS5.9AI score0.0032EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.6 views

Intel SUR 代码问题漏洞

Intel SUR is a Software Asset Manager software from Intel Corporation USA. A security vulnerability exists in IntelR SUR version 2.4.8902, which stems from an improper condition check in the software that could allow a privileged user to covertly enable denial of service via network access...

7.5CVSS7.3AI score0.00608EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/25 12:0 a.m.6 views

PT-2022-15804 · Unknown · Tiny File Manager

Name of the Vulnerable Software and Affected Versions: Tiny File Manager version 2.4.8 Description: The issue allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files...

8.8CVSS8.2AI score0.00419EPSS
Exploits1References6
PyPA
PyPA
added 2022/09/28 9:15 p.m.7 views

PYSEC-2022-296

Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8...

4.6CVSS6.7AI score0.00493EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/09/26 10:15 p.m.10 views

PYSEC-2022-294

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...

7.5CVSS6.8AI score0.00924EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/06/09 8:15 p.m.5 views

CVE-2020-24475

Improper initialization in the BMC firmware for some IntelR Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS5.8AI score0.00219EPSS
Exploits0References1
OSV
OSV
added 2019/06/30 4:15 p.m.5 views

CVE-2019-13085

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000030ecfa...

7.8CVSS5.8AI score0.01215EPSS
Exploits1References1
Rows per page
Query Builder