Lucene search
K

5174 matches found

CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

Ruijie AP180 Series Operating System Command Injection Vulnerability

The Ruijie AP180 Series is a series of panel-type wireless access points produced by the Chinese company Ruijie. Previous versions of the Ruijie AP180 Series, including those with model number 11.94B1P8, had a vulnerability related to operating system command injection. This vulnerability stems...

8.6CVSS7.3AI score0.0154EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.9 views

PT-2026-4267

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins B Slider b-slider allows DOM-Based XSS.This issue affects B Slider: from n/a through = 2.0.6...

5.4AI score0.00129EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress plugin B Slider has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.7AI score0.00129EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/21 6:33 p.m.7 views

WordPress B Accordion plugin <= 2.0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by theviper17 in WordPress Plugin B Accordion versions = 2.0.1...

6.5CVSS5.3AI score0.00276EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/01/21 3:54 a.m.9 views

MAL-2026-400 Malicious code in victim-package-b (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 152e8188fd82f0ea4ee410d725bb96ab33af5767241fcefb555ef8dfaffd39bf The package victim-package-b was found to contain malicious code. Source: ghsa-malware 324aadc54f696916c968e82f4704d088384eab1ce76c08f2a3d3d0aa59fece...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/01/21 3:54 a.m.5 views

Malicious Package

Overview victim-package-b is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
EUVD
EUVD
added 2026/01/21 3:54 a.m.4 views

EUVD-2026-3771

Malicious code in victim-package-b npm...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 3:54 a.m.10 views

Malicious code in victim-package-b (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 152e8188fd82f0ea4ee410d725bb96ab33af5767241fcefb555ef8dfaffd39bf The package victim-package-b was found to contain malicious code. Source: ghsa-malware 324aadc54f696916c968e82f4704d088384eab1ce76c08f2a3d3d0aa59fece...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.7 views

CVE-2021-22660

CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.02025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.10 views

CVE-2021-22664

CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.0156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.5 views

CVE-2022-38814

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

5.4CVSS5.1AI score0.02501EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.6 views

CVE-2022-38463

ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality...

6.1CVSS6.3AI score0.02258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:20 a.m.8 views

CVE-2021-33882

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to reconfigure the device from an unknown source because of lack of authentication on proprietary networking commands...

8.6CVSS7.2AI score0.011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:14 a.m.14 views

CVE-2022-23001

When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user's assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting...

5.3CVSS6.9AI score0.00615EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.6 views

CVE-2023-25177

Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:52 a.m.11 views

CVE-2021-33886

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as t...

8.8CVSS7.2AI score0.00827EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.8 views

CVE-2021-22280

Improper DLL loading algorithms in B Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.10 views

CVE-2021-22289

Improper Input Validation vulnerability in the project upload mechanism in B Automation Studio version =4.0 may allow an unauthenticated network attacker to execute code...

9.8CVSS7.2AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.11 views

CVE-2020-24682

Unquoted Search Path or Element vulnerability in B Industrial Automation Automation Studio, B Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9....

7.8CVSS6.9AI score0.00149EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.4 views

WordPress B Slider- Gutenberg Slider Block for WP plugin <= 1.1.30 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Plugin Installation vulnerability

Authenticated Subscriber+ Missing Authorization to Arbitrary Plugin Installation vulnerability discovered by wesley wcraft in WordPress Plugin B Slider versions = 1.1.30...

8.8CVSS5.5AI score0.00548EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder