Lucene search
K

15 matches found

CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

Yamaha SR-B30A 安全漏洞

The Yamaha SR-B30A is a bar-style audio device produced by the Japanese company Yamaha. Version 2.40 of the Yamaha SR-B30A contains a security vulnerability. This vulnerability stems from the Bluetooth low-power control interface, which allows unauthorized connections without authentication. This...

6.5CVSS5.8AI score0.00266EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30816

Name of the Vulnerable Software and Affected Versions Checkmk versions 2.2.0 EOL, 2.3.0 through 2.3.0p45, 2.4.0 through 2.4.0p24, and 2.5.0 beta through 2.5.0b2 Description Insufficient sanitization of dashboard dashlet title links allows an attacker with dashboard creation privileges to perform...

8.5CVSS5.6AI score0.00228EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/02/19 3:17 p.m.14 views

Unauthorized npm publish of [email protected] with modified postinstall script

Description On February 17, 2026 at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI on the NPM registry: [email protected]. The published package contains a modified package.json with an added postinstall script: "postinstall": "npm install -g...

5.6AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/15 5:16 p.m.5 views

CVE-2025-70310

A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...

5.5CVSS5.5AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:4 p.m.5 views

CVE-2025-49975 WordPress JobWP plugin <= 2.4.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.4.0...

4.3CVSS4.6AI score0.00132EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.7 views

CVE-2022-41964

BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll...

5.7CVSS6.7AI score0.00551EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.19 views

Microsoft Azure 操作系统命令注入漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft Azure CLI versions prior to 2.40.0, which originates from a host running Azure CLI commands where the parameter...

9.8CVSS8.5AI score0.03207EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2021/05/21 2:23 p.m.9 views

complaintclassify (=0.0.9) potentially affected by CVE-2021-29542 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29542 Source advisory: OSV:GHSA-4HRH-9VMP-2JGG...

5.5CVSS6AI score0.00198EPSS
Exploits1
CNVD
CNVD
added 2021/04/15 12:0 a.m.7 views

OpenJPEG integer overflow vulnerability (CNVD-2021-30596)

OpenJPEG is an open source JPEG 2000 codec written in C language . An integer overflow vulnerability exists in OpenJPEG version v2.4.0. An attacker can exploit the vulnerability by using the command line option "-ImgDir" on a directory containing 1048576 files to crash the program...

5.5CVSS6.8AI score0.0156EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/10/15 12:0 a.m.4 views

PT-2020-4581 · Adobe · Magento Commerce

Name of the Vulnerable Software and Affected Versions: Magento Commerce versions 2.3.4 and earlier Magento Commerce version 2.4.0 Description: The issue exists due to insufficient input validation, potentially allowing a remote attacker to access confidential information. In maintenance mode, an...

5CVSS4.3AI score0.02053EPSS
Exploits0References10
CNVD
CNVD
added 2018/12/29 12:0 a.m.3 views

Chat Anywhere extension for Chrome cross-site scripting vulnerability

Chat Anywhere extension for Chrome is an online chat plugin for use in Google Chrome. A cross-site scripting vulnerability exists in the Chat Anywhere extension for Chrome version 2.4.0, which stems from the danmuWrapper DIV element in the chatbox-only\danmu.js file being out of the scope of the...

6.1CVSS6AI score0.00707EPSS
Exploits1References1
OSV
OSV
added 2017/10/05 1:29 a.m.5 views

CVE-2017-13993

An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path...

7.8CVSS6.1AI score0.01761EPSS
Exploits0References2
CNVD
CNVD
added 2017/09/13 12:0 a.m.2 views

XnView Classic for Windows Arbitrary Code Execution Vulnerability (CNVD-2017-32592)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A security vulnerability exists in version 2.40 of XnView Classic for Windows...

7.8CVSS7.9AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2017/08/30 9:29 a.m.2 views

UBUNTU-CVE-2017-13766

In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation...

7.5CVSS7.1AI score0.02012EPSS
Exploits0References6
CNVD
CNVD
added 2017/07/06 12:0 a.m.3 views

XnView Classic for Windows Buffer Overflow Vulnerability (CNVD-2017-14515)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A buffer overflow vulnerability exists in version 2.40 of XnView Classic for...

7.8CVSS7.1AI score0.0031EPSS
Exploits0References1
Rows per page
Query Builder