Lucene search
+L

9 matches found

alpinelinux
alpinelinux
added 2026/04/07 4:38 p.m.4 views

CVE-2026-35611

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...

7.5CVSS5.2AI score0.0036EPSS
Exploits0
githubexploit
githubexploit
added 2026/02/20 8:26 p.m.261 views

Exploit for CVE-2025-2304

CVE-2025-2304-Camaleon-C...

9.4CVSS5.3AI score0.00566EPSS
Exploits17
attackerkb
attackerkb
added 2022/07/11 1:15 p.m.6 views

CVE-2022-1910

The Shortcodes and extra features for Phlox WordPress plugin before 2.9.8 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.4AI score0.01347EPSS
Exploits1References3
osv
osv
added 2021/05/18 12:15 p.m.1 views

DEBIAN-CVE-2021-3518

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

8.8CVSS7.1AI score0.03653EPSS
Exploits0References1
cnnvd
cnnvd
added 2021/05/14 12:0 a.m.8 views

WordPress plugin Tree Sitemap 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . An authorization issue vulnerability exists in versions o...

8.8CVSS5.8AI score0.01325EPSS
Exploits2References2
cnvd
cnvd
added 2020/08/05 12:0 a.m.1 views

Solidus Input Validation Error Vulnerability

Solidus is an open source e-commerce system. An input validation error vulnerability exists in Solidus versions prior to 2.8.6, prior to 2.9.6, and prior to 2.10.2. The vulnerability stems from a network system or product that does not properly validate incoming data. No detailed vulnerability...

5.3CVSS6.8AI score0.00896EPSS
Exploits1References1
redhat
redhat
added 2020/06/15 4:18 p.m.7 views

jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

10CVSS7.4AI score0.10458EPSS
Exploits0References4
cnvd
cnvd
added 2020/02/24 12:0 a.m.7 views

wolfSSL buffer overflow vulnerability (CNVD-2020-13495)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A buffer overflow vulnerability exists in wolfSSL CyaSSL versions prior to 2.9.4. The vulnerability stems from a networked system or...

9.8CVSS7.3AI score0.0277EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2018/11/29 12:0 a.m.8 views

PT-2018-13775

Name of the Vulnerable Software and Affected Versions Ansible Engine versions prior to 2.9 Description The issue allows for 'become' passwords to appear in EventLogs in plaintext when executing Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled. ...

6.7CVSS7.2AI score0.00535EPSS
Exploits0References164
Rows per page
Query Builder