Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/13 6:45 p.m.6 views

Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)

Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

8CVSS5.8AI score0.00472EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/15 12:28 a.m.10 views

SUSE CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe, docker-buildx.exe, etc. that are executed when a...

8CVSS5.8AI score0.00472EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/04 4:14 p.m.3 views

CVE-2025-15558 Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe, docker-buildx.exe, etc. that are executed when a...

7CVSS5.9AI score0.00472EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/14 5:3 a.m.10 views

CVE-2025-14394

The Popover Windows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they...

4.3CVSS5.4AI score0.00102EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.4 views

EUVD-2025-203205

The Popover Windows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they...

4.3CVSS4.9AI score0.00102EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/13 4:31 a.m.3 views

CVE-2025-14394 Popover Windows <= 1.2 - Cross-Site Request Forgery to Arbitrary Popover Configuration Update

The Popover Windows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they...

4.3CVSS5AI score0.00102EPSS
Exploits0References2
CVE
CVE
added 2025/12/13 4:31 a.m.13 views

CVE-2025-14394

CVE-2025-14394 (Popover Windows, WordPress) is a CSRF vulnerability in Popover Windows plugin ≤ 1.2 caused by missing nonce verification. This allows unauthenticated attackers to update plugin settings by tricking an admin into performing an action (e.g., clicking a forged link). Connected source...

4.3CVSS5AI score0.00102EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/13 4:31 a.m.24 views

CVE-2025-14394 Popover Windows <= 1.2 - Cross-Site Request Forgery to Arbitrary Popover Configuration Update

The Popover Windows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they...

4.3CVSS0.00102EPSS
Exploits0References2
CVE
CVE
added 2025/12/13 4:31 a.m.11 views

CVE-2025-14395

The CVE CVE-2025-14395 concerns the Popover Windows WordPress plugin (versions

4.3CVSS4.8AI score0.00158EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.3 views

WordPress plugin Popover Windows 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

4.3CVSS6.3AI score0.00158EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-11473

Malware in sbrugna...

9CVSS8.6AI score0.01226EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.3 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...

9.4CVSS6.7AI score0.0029EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/09 12:41 a.m.6 views

CVE-2025-27816

A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows PluginHost service, which runs on all the servers where...

9.8CVSS6.9AI score0.00626EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.119 views

Google Chrome < 109.0.5414.87 Multiple Vulnerabilities (deprecated)

This plugin has been deprecated. Please use one of the following plugins instead; - For MacOS: macosxgooglechrome1090541487.nasl plugin ID 169761 - For Windows: googlechrome1090541474.nasl plugin ID 169758 %NASLMINLEVEL 80900 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/02...

0.3AI score0.007EPSS
Exploits0References29
ATTACKERKB
ATTACKERKB
added 2022/05/17 3:15 p.m.3 views

CVE-2022-30950

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine...

8.8CVSS7.7AI score0.0168EPSS
Exploits0References3
Rows per page
Query Builder