Lucene search
+L

194 matches found

nvd
nvd
added 2026/02/04 6:16 p.m.9 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

6.5CVSS0.00373EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.13 views

PT-2026-6102

Name of the Vulnerable Software and Affected Versions GLPI versions 0.85 through 10.0.22 Description GLPI is an asset and IT management software package. An authenticated user can perform a SQL injection. This allows for potential unauthorized access or modification of data within the system...

8.8CVSS5.7AI score0.00264EPSS
Exploits0References7
cve
cve
added 2026/02/03 12:33 p.m.14 views

CVE-2025-7760

CVE-2025-7760 affects Ofisimo Web-Based Software Technologies Association Web Package Flora (versions 3.0 through 03022026). The issue stems from improper input handling during web page generation, enabling cross-site scripting via HTTP headers. Red Hat and other sources corroborate the same desc...

7.6CVSS5.4AI score0.00282EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/01/20 9:56 p.m.2 views

CVE-2026-21978

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Relationship Pricing. Supported versions that are affected are 14.0.0.0.0-14.8.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

6.5CVSS7.2AI score0.00251EPSS
Exploits0References2Affected Software1
vulnersosv
vulnersosv
added 2026/01/18 9:47 a.m.6 views

filecc (>=0.0.1 <=1.0.1), gm-i18n-migrate (>=2.7.0 <=2.9.0) +3 more potentially affected by CVE-2025-15536 via opencc (>=1.0.6 <=1.1.3)

opencc NPM version =1.0.6, =0.0.1, =2.7.0, =2.7.2, =1.0.2, =1.0.5 - wise-paas-notify-utility =1.4.10-s2t1 Source cves: CVE-2025-15536 Source advisory: SNYK:JS-OPENCC-15874418...

5.5CVSS6AI score0.0023EPSS
Exploits1
attackerkb
attackerkb
added 2026/01/15 2:9 p.m.4 views

CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

7.5CVSS5.6AI score0.00299EPSS
Exploits3References2Affected Software1
vulnersosv
vulnersosv
added 2026/01/13 8:28 p.m.6 views

@cenk1cenk2/renovate-config (>=2.0.0 <=2.3.148), @jamietanna/patch-testing (>=0.1.0 <=0.2.28) +8 more potentially affected by unknown CVE via renovate (>=32.241.11 <=40.21.2)

renovate NPM version =32.241.11, =2.0.0, =0.1.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.0.1, =0.19.0 - @zotero-chinese/renovate-config =1.0.3 Source cves: unknown CVE Source advisory: OSV:GHSA-36J9-MX87-2CFF...

5.8AI score
Exploits0
vulnersosv
vulnersosv
added 2026/01/12 9:30 a.m.6 views

a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +946 more potentially affected by CVE-2025-14279 via mlflow (>=0.8.2 <=3.4.0)

mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2025-14279 Source advisory: OSV:GHSA-PGQP-8H46-6X4J...

8.1CVSS7.2AI score0.00193EPSS
Exploits1
vulnersosv
vulnersosv
added 2026/01/08 9:46 p.m.3 views

aws-greengrass-nucleus (>=0.0.3 <=0.0.7) potentially affected by unknown CVE via aws-sdk-greengrassv2 (>=0.15.0 <=0.18.0)

aws-sdk-greengrassv2 CARGO version =0.15.0, =0.0.3, =0.0.7 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

5.8AI score
Exploits0
vulnersosv
vulnersosv
added 2026/01/08 8:27 p.m.12 views

acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +244 more potentially affected by CVE-2026-21874 via nicegui (>=2.11.0 <=3.3.1)

nicegui PYPI version =2.11.0, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2026-21874 Source advisory: OSV:GHSA-MP55-G7PJ-RVM2...

5.3CVSS5.7AI score0.0051EPSS
Exploits1
vulnersosv
vulnersosv
added 2026/01/07 12:31 p.m.9 views

@ejazullah/playwright-mcp-server (>=1.0.0 <=1.88.0), @grebyn/toolentry-mcp-server (>=1.0.0 <=1.7.1) +20 more potentially affected by CVE-2025-9611 via @playwright/mcp (>=0.0.10 <=0.0.39)

@playwright/mcp NPM version =0.0.10, =1.0.0, =1.0.0, =1.0.8, =1.0.0, =1.0.1, =1.0.1, =1.0.0, =1.0.0, =0.1.11, =0.1.0, =1.0.0 and more Source cves: CVE-2025-9611 Source advisory: OSV:GHSA-6FG3-HVW7-2FWQ...

7.2CVSS5.8AI score0.01148EPSS
Exploits0
vulnersosv
vulnersosv
added 2025/12/30 9:2 p.m.9 views

00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +42013 more potentially affected by CVE-2025-15284 via qs (>=0.1.0 <=6.14.0)

qs NPM version =0.1.0, =6.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on qs and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 -...

6.3CVSS6.6AI score0.0041EPSS
Exploits1
vulnersosv
vulnersosv
added 2025/12/23 9:50 p.m.4 views

01os (=0.0.14), 3-04-2025-ttm (=0.1.0) +3856 more potentially affected by CVE-2025-14920 via transformers (>=2.10.0 <=5.0.0rc0)

transformers PYPI version =2.10.0, =0.10.11, =0.5.5, =0.0.4.80, =0.2.1, =0.1.0, =0.1.1, =1.3.8, =1.5.3 - acace-coherence-checker =0.1.0 - acace-compression-engine =0.1.0 - acace-semantic-analyzer =0.1.0 - acace-sentiment-analyzer =0.1.0 and more Source cves: CVE-2025-14920 Source advisory:...

7.8CVSS7AI score0.00262EPSS
Exploits0
ptsecurity
ptsecurity
added 2025/12/10 12:0 a.m.4 views

PT-2025-50368

Name of the Vulnerable Software and Affected Versions 1Panel versions 1.10.33 through 2.0.15 Description The software contains a cross-site request forgery CSRF issue in the web port configuration functionality. The port-change endpoint does not have CSRF protections, such as anti-CSRF tokens or...

7CVSS6.9AI score0.0015EPSS
Exploits0References6
euvd
euvd
added 2025/12/08 10:4 p.m.4 views

EUVD-2025-201830

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

5.9CVSS6.3AI score0.00396EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2025/11/24 4:24 p.m.16 views

postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-macos-arm64 (>=1.16.0-canary.1 <=1.24.2)

@postman/pm-bin-macos-arm64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: SNYK:JS-POSTMANPMBINMACOSARM64-14103293...

5.8AI score
Exploits0
vulnrichment
vulnrichment
added 2025/10/31 6:42 a.m.6 views

CVE-2025-8489 King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor 24.12.92 - 51.1.14 - Unauthenticated Privilege Escalation

The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with. This makes it...

9.8CVSS5.9AI score0.09142EPSS
Exploits4References3
osv
osv
added 2025/10/22 4:15 p.m.9 views

AZL-68736 CVE-2025-40778 affecting package bind for versions less than 9.20.15-1

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

8.6CVSS6.5AI score0.00509EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-25950

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00346EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2025/09/24 9:30 p.m.6 views

algeb (>=3.0.0 <=5.4.0), anys (>=0.0.1 <=9.0.0) +32 more potentially affected by CVE-2025-57351 via ts-fns (>=0.0.11 <=13.1.3)

ts-fns NPM version =0.0.11, =3.0.0, =0.0.1, =0.0.1, =1.1.0, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2, =9.0.0 and more Source cves: CVE-2025-57351 Source advisory: OSV:GHSA-G7WQ-WGGW-VMHG...

6.5CVSS5.8AI score0.004EPSS
Exploits0
Rows per page
Query Builder