Lucene search
K

46 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51650

Name of the Vulnerable Software and Affected Versions ARForms versions prior to 7.1.4 Description Insufficient input sanitization and output escaping in the ARForms plugin allow unauthenticated attackers to perform Stored Cross-Site Scripting XSS. By exploiting the value parameter of the arf save...

7.2CVSS6AI score0.0019EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/10 9:45 p.m.37 views

CVE-2026-46559 ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

4CVSS0.00116EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/08 8:20 p.m.9 views

aratinga (=0.1.0a0.dev3), coop (>=7.1.0 <=7.2.1) +7 more potentially affected by CVE-2026-44199 via wagtail (>=7.1.0 <=7.2.3)

wagtail PYPI version =7.1.0, =7.1.0, =1.1.1, =2.0.0, =0.0.1, =7.1.0a1, =7.2.0b0 Source cves: CVE-2026-44199 Source advisory: OSV:GHSA-PWM3-7FV4-G6XX...

6.5CVSS5.8AI score0.00174EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.7 views

CVE-2026-39618

Cross-Site Request Forgery CSRF vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a through = 7.1...

4.3CVSS5.8AI score0.00107EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.28 views

CVE-2026-39618 WordPress NewsExo theme <= 7.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a through = 7.1...

4.3CVSS0.00107EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.13 views

CVE-2026-22352

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PersianScript Persian Woocommerce SMS persian-woocommerce-sms allows Reflected XSS.This issue affects Persian Woocommerce SMS: from n/a through = 7.1.1...

7.1CVSS0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/21 10:24 p.m.5 views

CVE-2026-21982

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware wher...

7.5CVSS5.3AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 10:16 p.m.7 views

CVE-2026-21988

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS0.00196EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/20 10:16 p.m.7 views

CVE-2026-21988

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS7AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/01/20 10:15 p.m.24 views

CVE-2026-21963

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6CVSS0.00234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.8 views

PT-2026-3710

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 and 7.2.4 Description An easily exploitable issue exists in the Oracle VM VirtualBox Core component, potentially allowing a high-privileged attacker with access to the system where Oracle VM VirtualBox runs...

6CVSS7.4AI score0.00234EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-3729

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 and 7.2.4 Description A difficult to exploit issue exists in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. An unauthenticated attacker with access to the physical communication...

7.5CVSS7.2AI score0.00227EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-62587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily...

8.2CVSS7.1AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 3:30 a.m.16 views

CVE-2025-12813

The CVE-2025-12813 entry concerns the WordPress plugin Holiday class post calendar. The vulnerability is an unauthenticated Remote Code Execution (RCE) in all versions up to and including 7.1, caused by unsanitized user input in the contents parameter used to create a cache file. Impact is server...

9.8CVSS6.7AI score0.00839EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/23 12:0 a.m.8 views

Oracle VM VirtualBox (October 2025 CPU)

The 7.1.12 and 7.2.2 versions of VM VirtualBox installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected a...

8.2CVSS6.9AI score0.00191EPSS
Exploits0References11
NVD
NVD
added 2025/10/21 8:20 p.m.7 views

CVE-2025-62641

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS0.00187EPSS
Exploits0References1
NVD
NVD
added 2025/10/21 8:20 p.m.9 views

CVE-2025-61760

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

7.5CVSS0.00141EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 8:20 p.m.4 views

UBUNTU-CVE-2025-62592

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6CVSS5.8AI score0.00183EPSS
Exploits0References3
OSV
OSV
added 2025/10/21 8:20 p.m.5 views

UBUNTU-CVE-2025-62591

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6CVSS5.8AI score0.00184EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/09 12:0 a.m.3 views

Evasys 安全漏洞

Evasys is a platform for fully automated survey and exam solutions for online, paper and mixed use from Evasys Germany. A security vulnerability exists in Evasys versions 7.1 2152 through 8.0 2202 that stems from the indexeva.php action parameter being vulnerable to a reflective cross-site...

6.5CVSS6.1AI score0.00206EPSS
Exploits0References3
Rows per page
Query Builder