Lucene search
K

17 matches found

Cvelist
Cvelist
added 2026/05/18 12:0 a.m.43 views

CVE-2026-39079

An issue in prestashop upsshipping all versions through at least 2.4.0 allows a remote attacker to obtain sensitive information via the /modules/upsshipping/logs/, and /modules/upsshipping/lib/UPSBaseApi.php components...

0.0031EPSS
Exploits0References1
CVE
CVE
added 2026/04/20 8:37 p.m.38 views

CVE-2026-5928

CVE-2026-5928 affects glibc’s ungetwc on FILE streams with wide characters where overlaps between single-byte and multi-byte encodings occur, in version 2.43 or earlier. A bug in the wide character pushback (_IO_wdefault_pbackfail) causes ungetwc() to operate on the regular input buffer (fp->_...

7.5CVSS6AI score0.00345EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.6 views

CowAgent 访问控制错误漏洞

CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Versions of CowAgent 2.0.4 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from the absence of authentication in the Agent Mode...

7.5CVSS7.2AI score0.00391EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: glibc (UTSA-2026-007101)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007101 advisory. The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a...

5.9CVSS7.1AI score0.00158EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/07 11:27 p.m.6 views

SUSE CVE-2026-27447

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an...

4.8CVSS5.8AI score0.00317EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.5 views

WordPress plugin PostmarkApp Email Integrator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in...

4.3CVSS8.3AI score0.00267EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/27 11:20 p.m.2 views

WordPress WC Affiliate plugin < 2.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WC Affiliate versions 2.4...

7.1CVSS6.4AI score0.00264EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/01/01 12:0 a.m.4 views

WordPress plugin Category Post Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

6.5CVSS7.4AI score0.00238EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/10 12:0 a.m.5 views

WordPress plugin Simple Giveaways 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

4.8CVSS6.3AI score0.00446EPSS
Exploits2References2
Github Security Blog
Github Security Blog
added 2022/05/24 7:12 p.m.7 views

Magento is affected by an improper input validation vulnerability

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the V1/customers/me endpoint to achieve information exposure and privile...

8.8CVSS6.6AI score0.02242EPSS
Exploits0References3Affected Software2
CNNVD
CNNVD
added 2022/04/20 12:0 a.m.3 views

webTareas SQL注入漏洞

webTareas is a web-based open source collaboration tool. The product supports project management, bug tracking, content management and meeting management. A SQL injection vulnerability exists in webTareas version 2.4p3 and earlier versions, which stems from the $uq parameter of...

9.8CVSS8.5AI score0.05452EPSS
Exploits5References7
CNVD
CNVD
added 2018/04/04 12:0 a.m.3 views

Wireshark epan/dissectors/packet-isup.c file memory leak vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the epan/dissectors/packet-isup.c file in Wireshark...

7.5CVSS6.7AI score0.0206EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/04 12:0 a.m.3 views

Wireshark ui/failure_message.c file memory leak vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the ui/failuremessage.c file in Wireshark versions...

7.5CVSS6.7AI score0.02165EPSS
Exploits1References1
CNVD
CNVD
added 2018/02/24 12:0 a.m.2 views

Wireshark FCP Protocol Parser Denial of Service Vulnerability

Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.FCP protocol dissector is one of the FCP mesh channel protocol parsers. A securi...

7.5CVSS6.7AI score0.02721EPSS
Exploits0References1
OSV
OSV
added 2018/02/23 10:29 p.m.1 views

DEBIAN-CVE-2018-7332

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length...

7.5CVSS7.4AI score0.02385EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/18 12:0 a.m.3 views

Apache Groovy Remote Code Execution Vulnerability

Apache Groovy is a JVM-based agile development language from the Apache Apache Software Foundation, which combines many of the powerful features of Python, Ruby and Smalltalk. A remote code execution vulnerability exists in Apache Groovy versions prior to 2.4.8. An attacker could exploit this...

9.8CVSS9.6AI score0.17239EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2001/12/31 12:0 a.m.3 views

PT-2001-2571 · Imatix · Xitami

Name of the Vulnerable Software and Affected Versions: Xitami versions 2.4 through 2.5 b4 Description: The issue allows remote attackers to gain privileges due to the storage of the Administrator password in plaintext in the default.aut file. The default permissions of this file are world-readabl...

10CVSS7.1AI score0.02901EPSS
Exploits1References7
Rows per page
Query Builder