Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-1618

Name of the Vulnerable Software and Affected Versions Simcast plugin for WordPress versions prior to 1.0.1 Description The Simcast plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by inadequate nonce validation within the settingsPage function. An unauthenticated...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/30 12:31 a.m.6 views

EUVD-2025-36877

Drupal Umami Analytics allows Cross-Site Scripting XSS...

3.8CVSS5.5AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2025/10/29 11:13 p.m.20 views

CVE-2025-10931

CVE-2025-10931 corresponds to a Cross-Site Scripting (XSS) vulnerability in Drupal Umami Analytics. The connected sources confirm the flaw arises from improper neutralization of input during web page generation and affects Umami Analytics versions prior to 1.0.1 (e.g., 0.0.0 up to before 1.0.1). ...

3.8CVSS5.5AI score0.00184EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.4 views

RevelaCode 安全漏洞

RevelaCode is an AI program for interpreting Bible verses by the individual developer Musombi William. A security vulnerability exists in versions of RevelaCode prior to 1.0.1, which stems from a MongoDB Atlas URI disclosure that could lead to unauthorized access to the database...

9.8CVSS6.2AI score0.00464EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/01 12:0 a.m.6 views

PT-2023-4653 · Unknown · Mxsecurity

Name of the Vulnerable Software and Affected Versions: MXsecurity versions prior to 1.0.1 Description: The issue is related to insufficient entropy in the web service authenticator, which can be exploited by a remote attacker to bypass authentication and potentially access the system. This is due...

10CVSS9.4AI score0.0074EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.4 views

WordPress plugin Beeliked Microsite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.1CVSS4.9AI score0.0051EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.5 views

SUSE CVE-2018-25013

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes...

9.1CVSS7.4AI score0.02051EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/05/28 12:0 a.m.6 views

Roomer 授权问题漏洞

Roomer is a discord bot cog extension. It provides automatic voice channel generation as well as private voice and text channels. There is an authorization issue vulnerability in Roomer versions prior to 1.0.1, no detailed vulnerability details are provided at this time...

7.5CVSS5.5AI score0.007EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2021/05/25 7:0 a.m.5 views

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

9.8CVSS7AI score0.02662EPSS
Exploits0
NVD
NVD
added 2021/05/21 5:15 p.m.25 views

CVE-2018-25012

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24...

9.1CVSS0.02051EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.4 views

libwebp 安全漏洞

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from the use of a single variable in the ReadSymbol function. An attacker could exploit the vulnerability to threaten data confidentiality...

9.8CVSS7.4AI score0.0223EPSS
Exploits0References33
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.3 views

libwebp 资源管理错误漏洞

Libwebp is a WebP image format encoding and decoding library . A buffer overflow vulnerability exists in Libwebp versions prior to 1.0.1, which stems from libwebp allocating too much memory when reading a file and can be exploited by an attacker to cause a service crash...

7.5CVSS7.5AI score0.01966EPSS
Exploits0References17
CNNVD
CNNVD
added 2021/04/21 12:0 a.m.4 views

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A heap buffer overflow vulnerability exists in the abstboxread function in boxcodeadobe.c in versions of GPAC prior to 1.0.1. No detailed vulnerability details are provided at this time...

7.1CVSS5.9AI score0.00941EPSS
Exploits0References5
Rows per page
Query Builder