Lucene search
K

13 matches found

OSV
OSV
added 2026/05/07 12:52 a.m.26 views

GHSA-W37P-236H-PFX3 Compromise of PyTorch Lightning PyPi Package Versions

Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions Published: 2026-04-30 Last Updated: 2026-05-12 Github Advisory: CVE-2026-44484 We have identified a security incident affecting certain versions of one of our PyPI packages. What happened We have determined that one or more...

9.8CVSS5.9AI score0.00392EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/29 2:49 p.m.5 views

CVE-2026-39702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows DOM-Based XSS.This issue affects Animation Addons for Elementor: from n/a through = 2.6.1...

6.5CVSS5.2AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/12 1:0 a.m.2 views

EUVD-2026-21690

A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/stepnode/mcpnode/impl/basemcpnode.py of the component Model Context Protocol Node. Performing a manipulation results in os command injection. The attack is...

6.5CVSS5.5AI score0.0132EPSS
Exploits0References4
Nvidia
Nvidia
added 2026/02/17 12:0 a.m.8 views

Security Bulletin: NVIDIA NeMo Framework - February 2026

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.6.1 or later from NVIDIA/NeMo Framework on NVIDIA GitHub or pypi. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilitie...

8.8CVSS6.7AI score0.00919EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/28 2:38 a.m.3 views

CVE-2025-62984

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPeka WP AdCenter wpadcenter allows Stored XSS.This issue affects WP AdCenter: from n/a through = 2.6.1...

6.5CVSS6AI score0.00151EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 3:35 p.m.3 views

JLSEC-2025-61 libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external ...

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers created via XMLExternalEntityParserCreate...

7.5CVSS7AI score0.02006EPSS
Exploits1References10
Patchstack
Patchstack
added 2025/01/16 6:43 p.m.5 views

WordPress WP-Player plugin <= 2.6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin WP-Player versions = 2.6.1...

6.5CVSS6.1AI score0.0022EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.7 views

WordPress plugin Custom Field Template security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.8AI score0.00257EPSS
Exploits0References4
Snyk
Snyk
added 2022/10/24 7:46 a.m.4 views

Denial of Service (DoS)

Overview muhammara is a Create, read and modify PDF files and streams. A drop in replacement for hummusjs PDF library Affected versions of this package are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed. PoC js var pdfReader =...

7.5CVSS7AI score0.01022EPSS
Exploits0References2
OSV
OSV
added 2022/03/02 4:15 a.m.3 views

UBUNTU-CVE-2022-0577

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1...

8.8CVSS5.8AI score0.01243EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2021/11/05 10:15 p.m.4 views

CVE-2021-41208

TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...

8.8CVSS7.2AI score0.00168EPSS
Exploits0References3Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2020/12/17 12:0 a.m.2 views

VulnCheck KEV: CVE-2020-36719

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is due to a missing capability check on the lpccaddonsactions function. This makes it possible for unauthenticated...

9.8CVSS7.3AI score0.04304EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2020/08/18 5:4 a.m.3 views

jenkins-2-plugins/matrix-auth: Stored XSS vulnerability in Matrix Authorization Strategy Plugin

A flaw was found in the Matrix Authorization Strategy Plugin version 2.6.1 and prior. User names are not escaped in the permission table which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure, Job/Configure, or Overall/Administer permissions fo...

5.4CVSS6.9AI score0.00919EPSS
Exploits0References4
Rows per page
Query Builder