Lucene search
K

16 matches found

Atlassian
Atlassian
added 2026/04/14 4:29 a.m.21 views

RCE (Remote Code Execution) at c3p0 dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code:java CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H code allows an...

8.9CVSS6.3AI score0.00534EPSS
Exploits0
Patchstack
Patchstack
added 2026/03/22 10:18 p.m.5 views

WordPress WP-Chatbot for Messenger plugin <= 4.9 - Missing Authorization to Unauthenticated Chatbot Configuration Takeover vulnerability

Missing Authorization to Unauthenticated Chatbot Configuration Takeover vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin WP-Chatbot for Messenger versions = 4.9...

5.3CVSS5.8AI score0.00273EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/02/12 2:16 p.m.7 views

CVE-2026-1320

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS0.00257EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

ZITADEL security vulnerabilities

ZITADEL is a modern open-source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak, developed for the era of containers and serverless environments by ZITADEL in Switzerland. Versions of ZITADEL prior to 4.9.1 and 3.4.6 contain security vulnerabilities. These vulnerabilities stem from...

5.3CVSS5.8AI score0.00362EPSS
Exploits0References5
OSV
OSV
added 2026/01/13 11:15 p.m.5 views

CVE-2023-54329

Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload t...

9.3CVSS6.2AI score0.01034EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/16 10:3 a.m.4 views

EUVD-2025-34744

desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications...

5.3CVSS6.4AI score0.00243EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/03/27 11:19 a.m.10 views

WordPress Newsletters plugin <= 4.9.9.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Webula in WordPress Plugin Newsletters versions = 4.9.9.7...

7.6CVSS8.1AI score0.00494EPSS
Exploits1Affected Software1
Packet Storm News
Packet Storm News
added 2025/02/18 12:0 a.m.4 views

Wazuh Unsafe Deserialization / Remote Code Execution

Wazuh versions starting at 4.4.0 and before 4.9.1 suffer from an unsafe deserialization vulnerability that allows for remote code execution...

9.9CVSS8.2AI score0.92579EPSS
Exploits10
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.3 views

WordPress plugin Easy Accept Payments via PayPal 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

7.5CVSS6.7AI score0.00469EPSS
Exploits0References2
OSV
OSV
added 2023/10/20 8:15 a.m.5 views

CVE-2023-5534

The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2. This is due to missing or incorrect nonce validation on the corresponding functions. This makes it possible for unauthenticated attackers to invoke those functions vi...

5.4CVSS6.6AI score0.00206EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/02/16 12:0 a.m.6 views

Xen Security Vulnerabilities

A security vulnerability exists in Xen 4.9 through 4.14.x that allows client-controlled memory access to bypass the cache...

5.5CVSS6AI score0.00327EPSS
Exploits0References8
CNVD
CNVD
added 2019/06/20 12:0 a.m.3 views

Samba Code Problem Vulnerability

Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A code issue vulnerability...

6.5CVSS6.9AI score0.02179EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/01/16 7:29 p.m.3 views

CVE-2016-0207

IBM Algorithmics One-Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399...

5.4CVSS5.6AI score0.00644EPSS
Exploits0References3
CNVD
CNVD
added 2017/12/14 12:0 a.m.2 views

Xen 'Hypervisor' Memory Corruption Vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A memory corruption vulnerability...

7.8CVSS6.5AI score0.00352EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/14 12:0 a.m.1 views

Xen Arbitrary Code Execution Vulnerability (CNVD-2017-32695)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...

8.8CVSS8.7AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2017/03/20 4:59 p.m.5 views

CVE-2017-1155

IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference : 1999754...

4.3CVSS5.8AI score0.01284EPSS
Exploits0References2
Rows per page
Query Builder