Lucene search
K

11 matches found

OSV
OSV
added 2026/05/01 5:50 p.m.6 views

JLSEC-2026-379

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

2.9CVSS7.1AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/23 8:15 p.m.5 views

CVE-2026-4597

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-4076

Name of the Vulnerable Software and Affected Versions Ninja Team GDPR CCPA Compliance Support versions through 2.7.4 Description A missing authorization issue exists in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance, allowing exploitation of incorrectly configured access control...

5.3AI score0.00269EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.4 views

WordPress plugin WP Abstracts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.7AI score0.0042EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.4 views

WordPress plugin Bitly 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/04 1:1 a.m.3 views

WordPress WP Click Info plugin <= 2.7.4 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WP Click Info versions = 2.7.4...

7.1CVSS6.4AI score0.00253EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.4 views

PT-2024-29596 · WordPress · Customer Email Verification For Woocommerce

Name of the Vulnerable Software and Affected Versions: Customer Email Verification for WooCommerce plugin for WordPress versions up to 2.7.4 Description: The issue concerns the Customer Email Verification for WooCommerce plugin for WordPress, which is vulnerable to email verification and...

8.1CVSS7.2AI score0.0085EPSS
Exploits0References10
CNNVD
CNNVD
added 2022/11/10 12:0 a.m.4 views

Eclipse Californium 安全漏洞

Eclipse Californium is a Java-based codebase from the Eclipse Foundation that provides Coap backend support for the Internet of Things. A security vulnerability exists in Eclipse Californium versions prior to 3.7.0 and 2.7.4, which stems from a handshake that does not clean up PSKs that fail the...

8.2CVSS7.6AI score0.00553EPSS
Exploits0References6
OSV
OSV
added 2021/03/17 1:15 p.m.5 views

AZL-35138 CVE-2021-27291 affecting package python-pygments for versions less than 2.7.4-1

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service...

7.5CVSS6.9AI score0.03832EPSS
Exploits1References1
CNVD
CNVD
added 2018/02/05 12:0 a.m.4 views

MalwareFox AntiMalware Local Elevation of Privilege Vulnerability (CNVD-2018-04848)

MalwareFox AntiMalware is a suite of malware removal tools from the American company MalwareFox. The tool automatically detects and removes malware, cleans browsers, repairs files corrupted by rootkits and protects against virus infections in real time. A local elevation of privilege vulnerabilit...

7.8CVSS7AI score0.01208EPSS
Exploits5References1
OSV
OSV
added 2011/10/27 8:55 p.m.2 views

DEBIAN-CVE-2011-3848

Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request CSR to arbitrary locations via 1 a double-encoded key parameter in the URI in 2.7.x, 2 the CN in the Subject of a CSR in 2.6 and 0.25...

5CVSS7AI score0.01115EPSS
Exploits0References1
Rows per page
Query Builder