Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/23 8:59 p.m.7 views

CVE-2026-41862

Spring Statemachine's Kryo-based persistence backends JPA, MongoDB, Redis and ZooKeeper deserialise persisted state-machine contexts without enforcing a class allowlist CWE-502, deserialisation of untrusted data, which can lead to remote code execution inside the application JVM. Affected version...

8.8CVSS6.5AI score0.00423EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/06 4:16 p.m.4 views

DEBIAN-CVE-2026-34380

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in undopxr24impl in src/lib/OpenEXRCore/internalpxr24.c at line 377. The...

5.9CVSS5.4AI score0.00255EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.6 views

CVE-2025-23879

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PillarDev Easy Automatic Newsletter Lite easy-automatic-newsletter allows Reflected XSS.This issue affects Easy Automatic Newsletter Lite: from n/a through = 3.2.0...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-50039

Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal New User Approve new-user-approve allows Cross Site Request Forgery.This issue affects New User Approve: from n/a through = 3.2.0...

6.9AI score0.00106EPSS
Exploits0References2
NVD
NVD
added 2025/08/22 12:15 p.m.6 views

CVE-2025-57890

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pierre Lannoy Sessions sessions allows Stored XSS.This issue affects Sessions: from n/a through = 3.2.0...

5.9CVSS0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.6 views

PT-2025-34354 · Unknown · Pierre Lannoy Sessions

Name of the Vulnerable Software and Affected Versions: Pierre Lannoy Sessions versions through 3.2.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-Site Scripting XSS. Recommendations: Update Pierre Lannoy...

5.9CVSS6.4AI score0.0017EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2024/04/02 9:30 p.m.10 views

org.apache.pulsar:pulsar-broker-auth-athenz (>=3.2.0 <=3.2.1), org.apache.pulsar:pulsar-broker-auth-sasl (>=3.2.0 <=3.2.1) +2 more potentially affected by CVE-2024-29834 via org.apache.pulsar:pulsar-broker (>=3.2.0 <=3.2.1)

org.apache.pulsar:pulsar-broker MAVEN version =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.2.0, =3.2.1 Source cves: CVE-2024-29834 Source advisory: OSV:GHSA-7MG2-6C6V-342R...

6.4CVSS6.9AI score0.01359EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/03/15 8:15 p.m.4 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +130 more potentially affected by CVE-2024-27351 via django (>=3.2.0 <=3.2.24)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =3.2.17.0, =6.2.0, =0.2.0, =0.1.0, =21.1.1, =21.1.0, =22.0.0.dev13, =22.0.0.dev14 and more Source cves: CVE-2024-27351 Source advisory: OSV:PYSEC-2024-47...

5.3CVSS6.7AI score0.01854EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/07 12:30 a.m.4 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +130 more potentially affected by CVE-2024-24680 via django (>=3.2.0 <=3.2.23)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =3.2.17.0, =6.2.0, =0.2.0, =0.1.0, =21.1.1, =21.1.0, =22.0.0.dev13, =22.0.0.dev14 and more Source cves: CVE-2024-24680 Source advisory: OSV:GHSA-XXJ9-F6RV-M3X4...

7.5CVSS7AI score0.01606EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/12/14 12:0 a.m.43 views

PT-2021-24346 · Openzeppelin · Openzeppelin Contracts

Name of the Vulnerable Software and Affected Versions: OpenZeppelin Contracts versions 3.2.0 through 4.4.0 Description: The issue concerns initializer functions that are invoked separate from contract creation, such as minimal proxies, which may be reentered if they make an untrusted non-view...

5.6CVSS5.5AI score0.00494EPSS
Exploits0References7
CNVD
CNVD
added 2015/12/18 12:0 a.m.5 views

Directory Traversal Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A directory traversal vulnerability exists in Joomla! versions 3.2.0 through 3.3.x and 3.4.x before 3.4.6. A remote...

7.5CVSS6.8AI score0.02641EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/08/18 12:0 a.m.7 views

PT-2015-1018 · Linux +5 · Linux +5

Name of the Vulnerable Software and Affected Versions: linux-image versions 3.13.0 through 3.15.x linux-image versions 3.2.0 through 3.15.x Description: The issue is related to the implementation of certain splice write file operations in the Linux kernel, which does not enforce a restriction on...

10CVSS7.9AI score0.10108EPSS
Exploits65References563
Rows per page
Query Builder