Lucene search
K

37 matches found

Patchstack
Patchstack
added 2026/06/17 1:30 p.m.6 views

WordPress wpDataTables plugin <= 7.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Expatch in WordPress Plugin wpDataTables versions = 7.4...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/11 2:34 p.m.35 views

CVE-2026-7870

CVE-2026-7870 affects IBM i 7.3–7.6 (5770-SS1). Root cause: an unqualified library call (CWE-427) could let a user’s code run with administrator privileges, enabling privilege escalation. Impact: allows elevated rights, with CVSSv3.1 base score 8.8 (HIGH) — attack vector: network, complexity: low...

8.8CVSS5.5AI score0.00343EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/16 6:32 a.m.32 views

CVE-2026-4222 SSCMS download PathUtils.RemoveParentPath path traversal

A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of the argument path causes path traversal. Remote exploitation of the attack is possible. The exploit...

5.1CVSS0.00438EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.12 views

PT-2026-25629

GROWI OpenAI thread/message API endpoints do not perform authorization. Affected are v7.4.5 and earlier versions. A logged-in user who knows a shared AI assistant's identifier may view and/or tamper the other user's threads/messages...

8.7CVSS7.3AI score0.0033EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.5 views

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

5.4CVSS5.7AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/28 10:59 p.m.6 views

CVE-2025-62258

CSRF vulnerability in Headless API in Liferay Portal 7.4.0 through 7.4.3.107, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to execute any Headless API via the endpoint parameter...

7CVSS7.2AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 3:47 p.m.7 views

CVE-2024-48891

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

7CVSS7AI score0.00475EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/10/15 6:16 a.m.6 views

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 CVSS score: 9.3, relates to improper input...

9.3CVSS8.8AI score0.0604EPSS
Exploits3
NVD
NVD
added 2025/09/25 8:15 p.m.8 views

CVE-2025-43816

A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...

7.5CVSS0.00312EPSS
Exploits0References1
OSV
OSV
added 2025/09/23 6:15 p.m.4 views

CVE-2025-1255

Untrusted Pointer Dereference vulnerability in RTI Connext Professional Core Libraries allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9...

9.1CVSS5.8AI score0.00345EPSS
Exploits0References1
NVD
NVD
added 2025/09/23 6:15 p.m.5 views

CVE-2025-1255

Untrusted Pointer Dereference vulnerability in RTI Connext Professional Core Libraries allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9...

9.1CVSS0.00345EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.6 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.5CVSS6.6AI score0.00355EPSS
Exploits0References3
OSV
OSV
added 2025/07/02 8:15 p.m.2 views

CVE-2025-43025

HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older e.g., v7.3.x, v7.2.x, v7.1.x, etc...

7.5CVSS6.1AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.5 views

CVE-2023-22088

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications component: User Management. Supported versions that are affected are 7.4.0 and 7.4.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

4.3CVSS4.9AI score0.00398EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/03/11 3:15 p.m.3 views

CVE-2023-37933

An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPs requests...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/01/03 12:0 a.m.6 views

IBM PowerHA SystemMirror 安全漏洞

IBM PowerHA SystemMirror is a high-availability cluster multiprocessor program from International Business Machines IBM. A security vulnerability exists in IBM PowerHA SystemMirror versions 7.4 and 7.5. An attacker exploiting this vulnerability could obtain cookie values by snooping on traffic...

4.3CVSS6.5AI score0.00178EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/30 12:0 a.m.9 views

PT-2024-36606 · Ibm · Ibm Powerha Systemmirror

Name of the Vulnerable Software and Affected Versions: IBM PowerHA SystemMirror for i versions 7.4 through 7.5 Description: The issue is related to improper restrictions when rendering content via iFrames, which could allow an attacker to gain improper access and perform unauthorized actions on t...

5.4CVSS7AI score0.00219EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.19 views

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.3, 7.4, and 7.5. An attacker exploiting this vulnerability could elevate privileges to gain root access to the host...

7.8CVSS6.8AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/15 12:0 a.m.6 views

IBM i 权限许可和访问控制问题漏洞

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. A privilege permission and access control issue vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5, which stems from insufficient privilege management and ca...

7.8CVSS6AI score0.00155EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.5 views

PMB SQL Injection Vulnerability

PMB is a 100% free document management reference tool from the PMB Services team. A SQL injection vulnerability exists in PMB 7.4.7 and prior versions, which originates from a vulnerability that could allow an unauthenticated, remote attacker to inject arbitrary SQL commands via the PmbOpac-LOGIN...

9.8CVSS8.2AI score0.00821EPSS
Exploits1References2
Rows per page
Query Builder