Lucene search
+L

5182 matches found

CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin B Blocks 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-28003

Name of the Vulnerable Software and Affected Versions bPlugins B Blocks versions prior to 2.0.30 Description An authorization issue exists in bPlugins B Blocks that allows exploitation of incorrectly configured access control security levels. Recommendations Update bPlugins B Blocks to version...

6.5CVSS5.9AI score0.00235EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/23 1:28 p.m.9 views

WordPress B Blocks plugin < 2.0.30 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by w41bu1 in WordPress Plugin B Blocks versions 2.0.30...

6.5CVSS5.8AI score0.00235EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2026/03/06 7:14 a.m.11 views

Malicious Package

Overview sap-b is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005551)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005551 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series nilfs2: fix potential issue...

5.5CVSS6.8AI score0.00261EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/09 8:37 p.m.4 views

keycloak: Incorrect ownership checks in /uma-policy/

A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService UMA Protection API. When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first...

5.4CVSS5.8AI score0.00287EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.6 views

CVE-2026-20704

Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...

5.1CVSS6.1AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 1:20 p.m.9 views

CVE-2026-22550

OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...

8.8CVSS7.2AI score0.01664EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 7:16 a.m.10 views

CVE-2026-20704

Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...

5.1CVSS0.00133EPSS
Exploits0References2
NVD
NVD
added 2026/02/03 7:16 a.m.8 views

CVE-2026-24449

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...

5.1CVSS0.00188EPSS
Exploits0References2
NVD
NVD
added 2026/02/03 7:16 a.m.7 views

CVE-2026-22550

OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...

8.8CVSS0.01664EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/03 6:57 a.m.2 views

CVE-2026-24449

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...

5.1CVSS5.3AI score0.00188EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/03 6:57 a.m.5 views

EUVD-2026-5271

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...

5.1CVSS5.3AI score0.00188EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 6:57 a.m.30 views

CVE-2026-24449

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...

5.1CVSS0.00188EPSS
Exploits0References2
CVE
CVE
added 2026/02/03 6:57 a.m.24 views

CVE-2026-24449

CVE-2026-24449 affects WRC- X1500GS-B and WRC-X1500GSA-B. The initial passwords can be calculated from system information, indicating weak default credential handling. The available documents confirm affected devices and the easy-recovery of initial passwords; no public details on a fix or update...

5.1CVSS5.3AI score0.00188EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/03 6:57 a.m.5 views

CVE-2026-24449

For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...

5.1CVSS5.3AI score0.00188EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/03 6:56 a.m.5 views

EUVD-2026-5270

OS command injection vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. A crafted request from a logged-in user may lead to an arbitrary OS command execution...

8.6CVSS5.6AI score0.01664EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 6:56 a.m.29 views

CVE-2026-22550

OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...

8.6CVSS0.01664EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/03 6:56 a.m.5 views

CVE-2026-22550

OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...

8.6CVSS7.2AI score0.01664EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/03 6:56 a.m.4 views

CVE-2026-20704

Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...

5.1CVSS6.1AI score0.00133EPSS
Exploits0References3Affected Software15
Rows per page
Query Builder