Lucene search
K

11 matches found

vulnersOsv
vulnersOsv
added 2026/05/19 12:31 p.m.7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +174 more potentially affected by CVE-2026-37979 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.6.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

6.5CVSS5.4AI score0.00366EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/12 5:23 a.m.7 views

Security Bulletin: InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read (CVE-2026-3366)

Summary InfoSphere Optim Test Data Fabrication Resource Manager is affected by Arbitrary File Read via Path Traversal CVE-2026-3366. Vulnerability Details CVEID:CVE-2026-3366 DESCRIPTION: IBM InfoSphere Optim Test Data Fabrication could allow a remote attacker to traverse directories on the syste...

7.5CVSS6AI score0.00596EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/05/08 3:20 a.m.23 views

CVE-2026-42264

Summary: CVE-2026-42264 affects Axios, a promise-based HTTP client for browser/Node.js. The vulnerability lies in the HTTP adapter: from 1.0.0 up to, but not including, 1.15.2, certain config properties (auth, baseURL, socketPath, beforeRedirect, insecureHTTPParser) are read via direct property a...

9.1CVSS5.7AI score0.00549EPSS
Exploits1References10Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.6 views

PT-2026-5925

Name of the Vulnerable Software and Affected Versions TP-Link Archer AX53 versions 1.0 through 1.3.1 Build 20241120 Description A heap-based buffer overflow exists in the tmpserver modules of TP-Link Archer AX53. This flaw allows authenticated attackers in an adjacent network to trigger a...

7.3CVSS6.2AI score0.00405EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/11/26 12:0 a.m.2 views

CVE-2025-65276

An unauthenticated administrative access vulnerability exists in the open-source HashTech project https://github.com/henzljw/hashtech 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 2021-07-02. Due to missing authentication checks on /adminindex.php, an attacker can directly access the...

6.6AI score0.00364EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.8 views

CVE-2025-49409

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brewlabs SensorPress allows Stored XSS. This issue affects SensorPress: from n/a through 1.0...

9.8CVSS0.00452EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/04/30 5:26 p.m.4 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +135 more potentially affected by CVE-2025-3910 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2025-3910 Source advisory:...

5.4CVSS5.5AI score0.00368EPSS
Exploits0
NVD
NVD
added 2025/03/24 2:15 p.m.6 views

CVE-2025-30569

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jahertor WP Featured Entries wp-featured-entries allows SQL Injection.This issue affects WP Featured Entries: from n/a through = 1.0...

8.5CVSS0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.4 views

PT-2025-3182 · Unknown · Irshad Services

Name of the Vulnerable Software and Affected Versions: Irshad Services versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting'. This allows for Reflected XSS, where an attacker can inject...

7.1CVSS9.3AI score0.00254EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.3 views

PT-2024-34247 · Unknown · Themes4Wp Youtube External Subtitles

Name of the Vulnerable Software and Affected Versions: Themes4WP YouTube External Subtitles versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.4AI score0.00248EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2007/03/07 12:0 a.m.4 views

PT-2007-1424 · Leicestershire · Leicestershire Communityportals

Name of the Vulnerable Software and Affected Versions: Leicestershire communityPortals versions 1.0 build 20051018 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the cp root path parameter. This is a different vector than previously identifie...

7.5CVSS8AI score0.02255EPSS
Exploits1References5
Rows per page
Query Builder