Lucene search
K

2405 matches found

OSV
OSV
added 2025/02/01 12:0 a.m.24 views

ASB-A-305695605

In multiple locations, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.3AI score
Exploits0References4
OSV
OSV
added 2025/01/30 7:13 p.m.120 views

BIT-GITLAB-2025-0290 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...

4.3CVSS4.1AI score0.00358EPSS
Exploits0References2
NVD
NVD
added 2025/01/28 9:15 a.m.27 views

CVE-2025-0290

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...

4.3CVSS0.00358EPSS
Exploits0References1
OSV
OSV
added 2025/01/28 9:15 a.m.2 views

UBUNTU-CVE-2025-0290

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...

4.3CVSS5.7AI score0.00358EPSS
Exploits0References3
CVE
CVE
added 2025/01/28 8:45 a.m.437 views

CVE-2025-0290

CVE-2025-0290 affects GitLab CE/EE since 15.0 up to but not including 17.5.5, from 17.6 up to 17.6.3, and from 17.7 up to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive. The connected sources indicate fixed versions: upgrad...

4.3CVSS6.6AI score0.00358EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.2 views

GitLab Community Edition和GitLab Enterprise Edition 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Community Edition and GitLab Enterprise...

4.3CVSS6.5AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2025/01/22 3:15 p.m.5 views

CVE-2025-23948

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...

8.1CVSS0.00879EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/22 2:29 p.m.19 views

CVE-2025-23948 WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...

8.1CVSS0.00879EPSS
Exploits0References1
CVE
CVE
added 2025/01/22 2:29 p.m.46 views

CVE-2025-23948

CVE-2025-23948 – Background animation blocks (WordPress plugin) is an active vulnerability caused by improper control of filenames in PHP include/require statements, enabling unauthenticated PHP Local File Inclusion. Affected component: Background animation blocks; affected versions: up to 2.1.5 ...

8.1CVSS7.2AI score0.00879EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/22 2:29 p.m.4 views

CVE-2025-23948 WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...

8.1CVSS7.2AI score0.00879EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.2 views

WordPress plugin Background animation blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in th...

8.1CVSS8AI score0.00879EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.4 views

PT-2025-5225 · Unknown · Webarea Background Animation Blocks

Name of the Vulnerable Software and Affected Versions: WebArea Background animation blocks versions 2.1.5 and earlier Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...

8.1CVSS9.5AI score0.00879EPSS
Exploits0References5
NVD
NVD
added 2025/01/16 8:15 p.m.4 views

CVE-2025-23573

Cross-Site Request Forgery CSRF vulnerability in sammyb WP Background Tile wp-background-tile allows Stored XSS.This issue affects WP Background Tile: from n/a through = 1.0...

7.1CVSS0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/16 8:6 p.m.13 views

CVE-2025-23573 WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in sammyb WP Background Tile wp-background-tile allows Stored XSS.This issue affects WP Background Tile: from n/a through = 1.0...

7.1CVSS0.00184EPSS
Exploits0References1
CVE
CVE
added 2025/01/16 8:6 p.m.41 views

CVE-2025-23573

CVE-2025-23573 is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Background Tile plugin that allows Stored XSS. Affected: WP Background Tile from n/a through version 1.0. Red Hat and other connected documents corroborate the CSRF-to-Stored-XSS nature but do not provide additional tec...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/16 6:43 p.m.3 views

WordPress Editor Wysiwyg Background Color plugin <= 1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin Editor Wysiwyg Background Color versions = 1.0...

6.5CVSS7AI score0.00308EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:43 p.m.4 views

WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Background animation blocks versions = 2.1.5...

8.1CVSS7AI score0.00879EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/16 6:41 p.m.2 views

WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin WP Background Tile versions = 1.0...

7.1CVSS6.2AI score0.00184EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/16 12:0 a.m.2 views

PT-2025-4947 · WordPress · Wp Background Tile

Name of the Vulnerable Software and Affected Versions: WP Background Tile versions n/a through 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

7.1CVSS9.1AI score0.00184EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.3 views

WordPress plugin WP Background Tile 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS8.2AI score0.00184EPSS
Exploits0References1
Rows per page
Query Builder