9293 matches found

NVD
added 2025/09/11 8:15 a.m., 10 views

CVE-2025-9631

The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the autocatsetajax function. This makes it possible for unauthenticated attackers to trigger automatic...

CVSS 4.3 | EPSS 0.00151
Exploits: 0 | References: 3

GithubExploit
added 2025/09/07 3:36 a.m., 203 views

ebram_web_scanner

EBRAM Web Scanner EBRAM Web Scanner is a powerful Python-ba...

AI score 7.5
Exploits: 0

NVD
added 2025/09/06 3:15 a.m., 8 views

CVE-2025-58374

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a default list of allowed commands that do not need manual approval if auto-approve is enabled, and npm install is included in that list. Because npm install executes lifecycle...

CVSS 7.8 | EPSS 0.00199
Exploits: 0 | References: 3

OSV
added 2025/09/05 10:9 p.m., 4 views

CVE-2025-58370 Roo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect Reference

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions below 3.26.0 contain a vulnerability in the command parsing logic where the Bash parameter expansion and indirect reference were not handled correctly. If the agent was configured to auto-approve execution of...

CVSS 8.1 | AI score 7.6 | EPSS 0.00411
Exploits: 0 | References: 3

Microsoft CVE
added 2025/09/04 6:39 a.m., 7 views

atm: clip: Fix infinite recursive call of clip_push().

...

CVSS 7.8 | AI score 6.8 | EPSS 0.0017
Exploits: 0

Ubuntu
added 2025/09/02 6:37 p.m., 3 views

USN-7730-1: PIM Messagelib vulnerabilities

Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that PIM Messagelib could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain...

CVSS 5.9 | AI score 6.2 | EPSS 0.04219
Exploits: 3

Tenable Nessus
added 2025/09/02 12:0 a.m., 2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-future (SUSE-SU-2025:03038-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03038-1 advisory. - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...

CVSS 5.4 | AI score 6.9 | EPSS 0.00271
Exploits: 0 | References: 4

SUSE Linux
added 2025/09/01 1:41 p.m., 3 views

Security update for python-future

This update for python-future fixes the following issues: CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 8.5 | AI score 7.6 | EPSS 0.00271
Exploits: 0 | References: 4

OSV
added 2025/09/01 1:40 p.m., 1 views

SUSE-SU-2025:03038-1 Security update for python-future

This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...

CVSS 5.4 | AI score 6.4 | EPSS 0.00271
Exploits: 0 | References: 3

SUSE Linux
added 2025/08/29 1:49 p.m., 3 views

Security update for python-future

This update for python-future fixes the following issues: CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 8.5 | AI score 8 | EPSS 0.00271
Exploits: 0 | References: 4

OSV
added 2025/08/29 1:49 p.m., 7 views

SUSE-SU-2025:03029-1 Security update for python-future

This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...

CVSS 5.4 | AI score 6.7 | EPSS 0.00271
Exploits: 0 | References: 3

OSV
added 2025/08/29 1:49 p.m., 4 views

SUSE-SU-2025:03028-1 Security update for python-future

This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...

CVSS 5.4 | AI score 6.7 | EPSS 0.00271
Exploits: 0 | References: 3

NVD
added 2025/08/28 6:15 p.m., 5 views

CVE-2025-58047

Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when...

CVSS 7.5 | EPSS 0.00569
Exploits: 0 | References: 7

CVE
added 2025/08/28 5:10 p.m., 26 views

CVE-2025-58047

CVE-2025-58047 affects Volto (React frontend for Plone). The issue allows an anonymous user to trigger the NodeJS server to exit when visiting a specific URL, potentially causing DoS or downtime. Affected ranges include Volto versions before 16.34.0, 17.x before 17.22.1, 18.x before 18.24.0, and ...

CVSS 7.5 | AI score 6.1 | EPSS 0.00569
Exploits: 0 | References: 7

Cvelist
added 2025/08/28 5:10 p.m., 9 views

CVE-2025-58047 Volto affected by possible DoS by invoking specific URL by anonymous user

Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when...

CVSS 7.5 | EPSS 0.00569
Exploits: 0 | References: 6

Positive Technologies
added 2025/08/28 12:0 a.m., 9 views

PT-2025-35112

Name of the Vulnerable Software and Affected Versions Volto versions 19.0.0-alpha.1 through 19.0.0-alpha.4 Volto versions 18.0.0 through 18.24.0 Volto versions 17.0.0 through 17.22.1 Volto versions prior to 16.34.0 Description Volto, a React-based frontend for the Plone Content Management System,...

CVSS 7.5 | AI score 6.5 | EPSS 0.00569
Exploits: 0 | References: 23

NVD
added 2025/08/26 9:15 a.m., 4 views

CVE-2025-6247

The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to update campaigns and...

CVSS 4.7 | EPSS 0.00175
Exploits: 0 | References: 2

CVE
added 2025/08/26 9:6 a.m., 27 views

CVE-2025-6247

CVE-2025-6247 affects the WordPress Automatic Plugin for WordPress (

CVSS 4.7 | AI score 6.1 | EPSS 0.00175
Exploits: 0 | References: 2

Cvelist
added 2025/08/26 9:6 a.m., 6 views

CVE-2025-6247 WordPress Automatic Plugin - AI content generator and auto poster plugin <= 3.118.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to update campaigns and...

CVSS 4.7 | EPSS 0.00175
Exploits: 0 | References: 2

Vulnrichment
added 2025/08/26 9:6 a.m., 2 views

CVE-2025-6247 WordPress Automatic Plugin - AI content generator and auto poster plugin <= 3.118.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to update campaigns and...

CVSS 4.7 | AI score 6.1 | EPSS 0.00175
Exploits: 0 | References: 2