Lucene search
K

8 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in cups

Due to a failure in validating the length provided by a PPD PostScript document crafted by an attacker, CUPS and libppd are vulnerable to a heap-based buffer overflow, potentially leading to code execution. This issue has been fixed in CUPS version 2.4.7, released in September 2023...

7CVSS7.3AI score0.00663EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/11/29 1:14 a.m.9 views

CVE-2025-66036 Retro is vulnerable to XSS vulnerability in input handling component

Retro is an online platform providing items of vintage collections. Prior to version 2.4.7, Retro is vulnerable to a cross-site scripting XSS in the input handling component. This issue has been patched in version 2.4.7...

6.1CVSS0.00163EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/29 12:0 a.m.5 views

PT-2025-48354

Name of the Vulnerable Software and Affected Versions Retro versions prior to 2.4.7 Description Retro, an online platform for vintage collections, has a cross-site scripting XSS issue in the input handling component. This allows for potential malicious code execution through crafted input...

6.1CVSS6.2AI score0.00163EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/09 3:57 a.m.8 views

CVE-2025-12064

The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.6AI score0.00201EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/27 4:43 a.m.5 views

WordPress WP Multi Store Locator Plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin WP Multistore Locator versions = 2.4.7...

7.1CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/22 11:59 a.m.6 views

WordPress AI ENGINE plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin AI Engine versions = 2.4.7...

7.1CVSS7AI score0.00224EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.15 views

WordPress plugin WP Prayer II security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.1CVSS6.7AI score0.00197EPSS
Exploits2References2
OSV
OSV
added 2021/02/17 2:15 p.m.5 views

CVE-2020-12377

Insufficient input validation in the BMC firmware for some IntelR Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.1AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder