Lucene search
K

9293 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2025-38470

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the rx-vlan- filter feature is enabled on a net device, the 8021q module...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/08/17 12:0 a.m.2 views

ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers

Ensemble-based attacks have been proven to be effective in enhancing adversarial transferability by aggregating the outputs of models with various architectures. However, existing research primarily focuses on refining ensemble weights or optimizing the ensemble path, overlooking the exploration ...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.6 views

CVE-2025-39510

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...

8.5CVSS5.9AI score0.00254EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/08/16 12:0 a.m.2 views

AUTOVR: Automated UI Exploration for Detecting Sensitive Data Flow Exposures in Virtual Reality Apps

The rise of Virtual Reality VR has provided developers with an unprecedented platform for creating games and applications apps that require distinct inputs, different from those of conventional devices like smartphones. The Meta Quest VR platform, driven by Meta, has democratized VR app publishin...

6.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/08/15 11:7 a.m.8 views

Trojans Embedded in .svg Files

Porn sites are hiding code in .svg files: Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of "JSFuck," a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text. Once...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in @lbnqduy/automatic-octo-dollop (npm)

The package @lbnqduy/automatic-octo-dollop was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in @lbnqduy/automatic-guacamole (npm)

The package @lbnqduy/automatic-guacamole was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @leaffm/automatic-script-test (npm)

The package @leaffm/automatic-script-test was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-8367 Malicious code in @leaffm/automatic-script-test (npm)

The package @leaffm/automatic-script-test was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-8320 Malicious code in @lbnqduy/automatic-octo-dollop (npm)

The package @lbnqduy/automatic-octo-dollop was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-8319 Malicious code in @lbnqduy/automatic-guacamole (npm)

The package @lbnqduy/automatic-guacamole was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 5:15 p.m.5 views

CVE-2025-50817

A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...

5.4CVSS6.8AI score0.00271EPSS
Exploits0References4
NVD
NVD
added 2025/08/14 11:15 a.m.4 views

CVE-2025-39510

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...

8.5CVSS0.00254EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.21 views

CVE-2025-39510

CVE-2025-39510 affects the WordPress plugin “Pinterest Automatic Pin” (ValvePress). The issue is an SQL Injection due to improper neutralization of inputs in the plugin prior to version 4.19.0. Affected versions are those before 4.19.0 (reported as

8.5CVSS5.9AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.10 views

CVE-2025-39510 WordPress Pinterest Automatic Pin plugin < 4.19.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...

8.5CVSS0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.3 views

CVE-2025-39510 WordPress Pinterest Automatic Pin plugin < 4.19.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...

8.5CVSS5.6AI score0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.2 views

python-future 安全漏洞

python-future is a Python compatible software open source by Python Charmers. A security vulnerability exists in python-future version 1.0.0, which stems from the automatic import of the test.py file and could lead to the execution of arbitrary code...

5.4CVSS7AI score0.00271EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.2 views

WordPress plugin Pinterest Automatic Pin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Pinterest...

8.5CVSS7.7AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.5 views

PT-2025-33169 · WordPress · Valvepress Pinterest Automatic Pin

Name of the Vulnerable Software and Affected Versions: ValvePress Pinterest Automatic Pin affected versions not specified Description: An improper neutralization of special elements used in an SQL command vulnerability exists in ValvePress Pinterest Automatic Pin. This allows for SQL injection...

8.5CVSS6.7AI score0.00254EPSS
Exploits0References3
CVE
CVE
added 2025/08/14 12:0 a.m.55 views

CVE-2025-50817

Summary of CVE-2025-50817 : IBM security bulletins describe an arbitrary code execution in Python-Future 1.0.0 via unintended import of a local file named test.py when the module is loaded. The risk relies on an attacker who can write files to the server; Python’s import mechanism loads test.py f...

5.4CVSS7.2AI score0.00271EPSS
Exploits0References4
Rows per page
Query Builder