Lucene search
+L

1468 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.6 views

CVE-2019-16186

In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions...

7.2CVSS6.9AI score0.01301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.6 views

CVE-2025-1351

IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function...

7CVSS6.4AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.23 views

CVE-2025-1313

The Nokri - Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the plugin not properly validating a user's identity prior to updating their details like email address. This makes it...

8.8CVSS6.9AI score0.00371EPSS
Exploits0References1
CVE
CVE
added 2026/01/02 3:42 p.m.11 views

CVE-2025-69284

CVE-2025-69284 affects the open-source project management tool Plane (plane.io). Before version 1.2.0, a guest user could access the API endpoint /api/workspaces/:slug/members/ and enumerate members of a workspace they joined. The response’s display_name is the email handler, allowing a malicious...

4.3CVSS6.4AI score0.00162EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/12/30 12:37 p.m.19 views

CVE-2023-54326

Technical details about CVE-2023-54326 are not publicly provided in the supplied documents. Further updates from vendor advisories or connected feeds should be monitored for affected products, impact, and fixes.

6AI score0.00176EPSS
Exploits0References7
OSV
OSV
added 2025/12/19 11:17 a.m.4 views

SUSE-SU-2025:4490-1 Security update for xen

This update for xen fixes the following issues: Update to Xen 4.17.6. Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to them bsc1252692. Other issues fixed: - Several upstream bug fixes...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.4 views

SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2025:4419-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4419-1 advisory. Update to Xen 4.20.2 jscPED-8907. Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI devi...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/16 6:26 p.m.6 views

EUVD-2025-203830

The Open edX Platform is a learning management platform. Prior to commit 05d0d0936daf82c476617257aa6c35f0cd4ca060, CourseLimitedStaffRole users are able to access and edit courses in studio if they are granted the role on an org rather than on a course, and CourseLimitedStaffRole users are able t...

9.9CVSS6.3AI score0.0028EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/16 3:39 p.m.32 views

CVE-2025-68309 PCI/AER: Fix NULL pointer access by aer_info

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

0.0015EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/13 10:0 p.m.7 views

CVE-2025-43497

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox...

5.2CVSS6.3AI score0.00141EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50666

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will...

5.3AI score0.00214EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/11/12 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2025-2380)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.4AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 6:30 p.m.6 views

EUVD-2025-93510

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...

6.7CVSS6AI score0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/03 3:14 p.m.11 views

CVE-2025-36091 IBM Business Automation Insights unverified ownership

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment...

4.3CVSS0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/01 12:4 p.m.14 views

CVE-2025-12175

The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'tecqrcodemodal' AJAX endpoint in all versions up to, and including, 6.15.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to vi...

4.3CVSS5.1AI score0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 9:31 p.m.4 views

EUVD-2022-55068

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume...

5.5CVSS5.2AI score0.00252EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2019-3649

Malware in sbrugna...

9.4CVSS7.5AI score0.0153EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-12694

Malware in sbrugna...

7.8CVSS7.5AI score0.0163EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-3947

Malware in sbrugna...

9.8CVSS9.5AI score0.00815EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-2693

Malware in sbrugna...

7.8CVSS7.9AI score0.00151EPSS
Exploits0References3
Rows per page
Query Builder