Lucene search
K

5 matches found

OSV
OSV
added 2026/01/10 9:46 a.m.7 views

CVE-2025-53470 Apache Mynewt NimBLE: Out-of-Bounds Write Vulnerability in NimBLE HCI H4 driver

Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver. This issue affects Apache NimBLE: through 1.8. This issue requires a broken or bogus Bluetooth controller and thus severity is considered low. Users are...

3.1CVSS6AI score0.0033EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/14 12:0 a.m.4 views

WordPress plugin The Permalinker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

6.4CVSS7.9AI score0.00371EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/09 12:0 a.m.5 views

PT-2024-34860 · Tre Technology Research S.R.L · Hq60 Fidelity Card

Name of the Vulnerable Software and Affected Versions: TRe Technology And Research S.R.L HQ60 Fidelity Card versions 1.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected...

7.1CVSS5.8AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/24 12:0 a.m.4 views

PT-2024-27126 · Prestashop +1 · Theme Settings +1

Name of the Vulnerable Software and Affected Versions: PrestaShop module "Theme settings" pk themesettings versions = 1.8.8 Description: The issue allows a guest to download a txt file containing collected email addresses when the shop is in maintenance mode, due to a lack of permissions control...

7.5CVSS7.2AI score0.00379EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.7 views

RPCMS 跨站脚本漏洞

RPCMS is a software application, a web CMS system. RPCMS suffers from a cross-site scripting vulnerability that stems from a failure to properly clean up the nickname variable before it is displayed on a page in RPCMS v1.8 versions and below. With the API functionality turned on, an attacker can...

5.4CVSS5.3AI score0.00527EPSS
Exploits1References3
Rows per page
Query Builder