8548 matches found

CNNVD
added 2024/04/09 12:0 a.m. · 3 views

WordPress Plugin Elementor Addons by Livemesh security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...

CVSS: 6.4 · AI score: 7.7 · EPSS: 0.00427
Exploits: 0 · References: 3
Positive Technologies
added 2024/04/09 12:0 a.m. · 4 views

PT-2024-20769 · WordPress · Wp Chat App

Name of the Vulnerable Software and Affected Versions: WP Chat App plugin for WordPress versions up to, and including, 3.6.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the imageAlt block attribute. This allows...

CVSS: 6.4 · AI score: 9.3 · EPSS: 0.0036
Exploits: 0 · References: 4
CNNVD
added 2024/04/09 12:0 a.m. · 3 views

WordPress Plugin Elementor Addons by Livemesh security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...

CVSS: 6.4 · AI score: 7.7 · EPSS: 0.00427
Exploits: 0 · References: 3
CNNVD
added 2024/04/09 12:0 a.m. · 5 views

WordPress Plugin Rank Math SEO with AI SEO Tools security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS: 6.4 · AI score: 7.9 · EPSS: 0.0034
Exploits: 0 · References: 3
NVD
added 2024/04/07 9:15 p.m. · 14 views

CVE-2024-31948

In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...

CVSS: 6.5 · AI score: 9.3 · EPSS: 0.00825
Exploits: 0 · References: 4
OSV
added 2024/04/07 9:15 p.m. · 31 views

CVE-2024-31948

In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...

CVSS: 6.5 · AI score: 6.8
Exploits: 0 · References: 4
CNNVD
added 2024/04/07 12:0 a.m. · 4 views

FRRouting security vulnerability

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting FRR versions 9.1 and earlier, which originates from a vulnerability that allows an attacker to cause the bgpd daemon to crash by usi...

CVSS: 6.5 · AI score: 6.9 · EPSS: 0.00825
Exploits: 0 · References: 5
CNNVD
added 2024/04/06 12:0 a.m. · 3 views

Apache NimBLE security vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation in the U.S. It completely replaces the proprietary SoftDevice on the Nordic chipset. It is part of the Apache Mynewt project. A denial-of-service vulnerability exists in Apache NimBLE version 1.6.0 a...

CVSS: 7.5 · AI score: 6.7 · EPSS: 0.01458
Exploits: 0 · References: 2
CNNVD
added 2024/04/06 12:0 a.m. · 5 views

WordPress Plugin Element Pack Elementor Addons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS: 6.4 · AI score: 7.9 · EPSS: 0.00434
Exploits: 0 · References: 4
NVD
added 2024/04/05 8:15 a.m. · 9 views

CVE-2024-3217

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

CVSS: 8.8 · AI score: 8.7 · EPSS: 0.01869
Exploits: 1 · References: 3
OSV
added 2024/04/05 8:15 a.m. · 5 views

CVE-2024-3217

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

CVSS: 8.8 · AI score: 5.9 · EPSS: 0.01869
Exploits: 1 · References: 3
CVE
added 2024/04/05 7:34 a.m. · 71 views

CVE-2024-3217

CVE-2024-3217 affects WP Directory Kit for WordPress; the vulnerability is an SQL Injection via attribute_id and attribute_value in all versions up to 1.3.0 caused by insufficient escaping and query preparation. This allows an authenticated attacker with subscriber-level access or higher to injec...

CVSS: 8.8 · AI score: 9.2 · EPSS: 0.01869
Exploits: 1 · References: 3 · Affected Software: 1
CNNVD
added 2024/04/05 12:0 a.m. · 5 views

WordPress Plugin WP Directory Kit security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS: 8.8 · AI score: 9 · EPSS: 0.01869
Exploits: 1 · References: 4
Positive Technologies
added 2024/04/05 12:0 a.m. · 3 views

PT-2024-20526 · Apache · Apache Nimble

Name of the Vulnerable Software and Affected Versions: Apache NimBLE versions through 1.6.0 Description: A specially crafted GATT operation can cause an infinite loop in the GATT server, leading to a denial of service in the Bluetooth stack or device. Recommendations: For Apache NimBLE versions...

CVSS: 7.5 · AI score: 7.2 · EPSS: 0.01458
Exploits: 0 · References: 10
Cvelist
added 2024/04/04 2:57 p.m. · 14 views

CVE-2024-30250 In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists

Astro-Shield is an integration to enhance website security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques. Versions from 1.2.0 to 1.3.1 of Astro-Shield allow bypass to the allow-lists for cross-origin resources by introducing valid integrity attributes to...

CVSS: 7.5 · AI score: 7.8 · EPSS: 0.0031
Exploits: 0 · References: 4
Veracode
added 2024/04/04 6:31 a.m. · 15 views

Information Disclosure

yaql is vulnerable to Information Disclosure. The vulnerability is due to improper handling of attribute access in the YAQL library's 'format' function, allowing unauthorized users to access sensitive information, including service account credentials...

CVSS: 6.5 · AI score: 6.6 · EPSS: 0.0074
Exploits: 0 · References: 7 · Affected Software: 1
BDU FSTEC
added 2024/04/04 12:0 a.m. · 5 views

The vulnerability of the bgpd/bgp_packet.c file in the networking routing implementation software for Unix-like systems allows a hacker to cause a service failure.

The vulnerability of the bgpd/bgp_packet.c file in the networking routing implementation software for Unix-like systems in FRRouting is related to the handling of NLRI Next Hop Routing Information when the length of the attribute is zero. Exploiting this vulnerability could allow a malicious actor...

CVSS: 7.8 · AI score: 7.2 · EPSS: 0.01058
Exploits: 0 · References: 4 · Affected Software: 3
CNNVD
added 2024/04/04 12:0 a.m. · 2 views

Astro-Shield security vulnerability

Astro-Shield is an open source library from KindSpells Labs. It is used to compute sub-resource integrity hashes for JS scripts and CSS stylesheets. A security vulnerability exists in Astro-Shield versions 1.2.0 through 1.3.1, which stems from a vulnerability that allows an attacker to bypass the...

CVSS: 7.5 · AI score: 7.4 · EPSS: 0.0031
Exploits: 0 · References: 5
OSV
added 2024/04/03 5:15 p.m. · 3 views

DEBIAN-CVE-2023-52641

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame. It is preferable to exit through the out: label because internal debugging functions are located there...

CVSS: 5.5 · AI score: 5.3 · EPSS: 0.00239
Exploits: 0 · References: 1
OSV
added 2024/04/03 5:15 p.m. · 1 views

DEBIAN-CVE-2023-52640

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr. The length of name cannot exceed the space occupied by ea...

CVSS: 7.1 · AI score: 6 · EPSS: 0.00244
Exploits: 0 · References: 1