Lucene search

9293 matches found

CNNVD
added 2025/04/11 12:0 a.m., 2 views

WordPress plugin Automatic Ban IP cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1 CVSS, 6.8 AI score, 0.00278 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2025/04/11 12:0 a.m., 12 views

Security Updates for Microsoft OneNote C2R (April 2025)

The Microsoft OneNote Products are missing a security update. It is, therefore, affected by a security feature bypass vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

7.8 CVSS, 7.8 AI score, 0.0074 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2025/04/11 12:0 a.m., 17 views

Security Updates for Microsoft Word Products C2R (April 2025)

The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-27747, CVE-2025-29820 Note that...

7.8 CVSS, 8.9 AI score, 0.00742 EPSS
Exploits: 0, References: 4
OSV
added 2025/04/09 5:4 p.m., 3 views

DRUPAL-CONTRIB-2025-030

This module enables you to translate nodes, configuration, UI strings automatically. The module doesn't sufficiently validate the incoming API response when using eTranslation integration, which has an asynchronous workflow. Specially crafted requests could overwrite entities and translations of...

6.5 CVSS, 6.9 AI score, 0.00357 EPSS
Exploits: 0, References: 1
Patchstack
added 2025/04/09 4:49 p.m., 6 views

WordPress Automatic Ban IP Plugin <= 1.0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Automatic Ban IP versions <= 1.0.7...

7.1 CVSS, 6.9 AI score, 0.00278 EPSS
Exploits: 0, Affected Software: 1
RedhatCVE
added 2025/04/03 4:42 p.m., 8 views

CVE-2025-31820

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.4...

4.3 CVSS, 7.2 AI score, 0.00286 EPSS
Exploits: 0, References: 1
Fedora
added 2025/04/03 1:52 a.m., 14 views

[SECURITY] Fedora 40 Update: suricata-7.0.10-1.fc40

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5 CVSS, 7.2 AI score, 0.00227 EPSS
Exploits: 0
Fedora
added 2025/04/01 4:10 p.m., 40 views

[SECURITY] Fedora 42 Update: php-kissifrot-php-ixr-1.8.4-1.fc42

PHP-IXR is an XML-RPC library designed primarily for ease of use. It incorporates both client and server classes, and is designed to hide as much of the workings of XML-RPC from the user as possible. A key feature of the library is automatic type conversion from PHP types to XML-RPC types and vic...

5.4 CVSS, 7.3 AI score, 0.007 EPSS
Exploits: 0
NVD
added 2025/04/01 3:16 p.m., 4 views

CVE-2025-31820

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.4...

4.3 CVSS, 0.00286 EPSS
Exploits: 0, References: 1
Snyk
added 2025/04/01 9:30 a.m., 4 views

Incorrect Authorization

Overview org.apache.activemq:artemis-server is a server package for the ActiveMQ-Artemis project. Affected versions of this package are vulnerable to Incorrect Authorization in the createQueue method in ServerSessionImpl.java, which is invoked by the createDurableQueue and createNonDurableQueue...

5.3 CVSS, 6.8 AI score, 0.0054 EPSS
Exploits: 0, References: 2
NVD
added 2025/04/01 8:15 a.m., 29 views

CVE-2025-27427

A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. When...

4.3 CVSS, 0.0054 EPSS
Exploits: 0, References: 2
CNNVD
added 2025/04/01 12:0 a.m., 4 views

WordPress plugin Automatic Featured Images from Videos security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

4.3 CVSS, 5.8 AI score, 0.00286 EPSS
Exploits: 0, References: 2
Fedora
added 2025/03/28 3:6 p.m., 12 views

[SECURITY] Fedora 41 Update: nodejs-nodemon-3.1.9-3.fc41

Simple monitor script for use during development of a node.js app. For use during development of a node.js based application. nodemon will watch the files in the directory in which nodemon was started, and if any files change, nodemon will automatically restart your node application. nodemon does...

7.5 CVSS, 7.9 AI score, 0.01471 EPSS
Exploits: 1
Citrix
added 2025/03/28 12:0 a.m., 10 views

Citrix : ADC: Netscaler VPX vs ESXi compatibility version

Netscaler VPX on ESXi got rebooted automatically...

7.2 AI score
Exploits: 0
CNNVD
added 2025/03/27 12:0 a.m., 2 views

WordPress plugin Scheduled & Automatic Order Status Controller for WooCommerce input validation error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An input validation error...

4.7 CVSS, 8.6 AI score, 0.00436 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2025/03/27 12:0 a.m., 2 views

PT-2025-20493

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the spi: fsl-qspi driver, where the use of devm APIs to manage resources and the legacy remove function cou...

5.5 CVSS, 6 AI score, 0.0022 EPSS
Exploits: 0
Spring Security Advisories
added 2025/03/25 12:0 a.m., 9 views

Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates

Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates Spring AI 1.0.0-SNAPSHOT introduces several important changes to artifact IDs, dependency management, and autoconfiguration. This blog post outlines these changes and provides guidance on how to update your projects. The most significa...

7.4 AI score
Exploits: 0
CNNVD
added 2025/03/14 12:0 a.m., 4 views

LogicalDOC security vulnerability

LogicalDOC is a document management system developed using Java technology by LogicalDOC, Inc. in the United States. The system has features such as Lucene full-text search indexing and automatic importing. A security vulnerability exists in LogicalDOC that stems from an API used in the applicati...

7.1 CVSS, 6.5 AI score, 0.00421 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2025/03/14 12:0 a.m., 32 views

Security Updates for Microsoft Access Products C2R (March 2025)

The Microsoft Access Products are missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-26630 Note that Nessus has n...

7.8 CVSS, 8.9 AI score, 0.00916 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2025/03/10 12:0 a.m., 8 views

Fedora 41 : buildah (2025-f7524afa1f)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7524afa1f advisory. Automatic update for buildah-1.39.2-1.fc41. Security fix for CVE-2025-27144 Changelog for buildah Tue Mar 04 2025 Packit - 2:1.39.2-1 - Update to...

8.7 CVSS, 6.9 AI score, 0.00369 EPSS
Exploits: 0, References: 2