Lucene search
K

91 matches found

RedHat Linux
RedHat Linux
added 2026/06/22 6:28 a.m.8 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

9.8CVSS5.7AI score0.00351EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.11 views

CVE-2026-8885

The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortcode attributes...

6.4CVSS5.7AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 9:16 a.m.17 views

CVE-2026-8885

The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortcode attributes...

6.4CVSS0.00181EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/02 7:48 a.m.14 views

EUVD-2026-33893

The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortcode attributes...

6.4CVSS6AI score0.00181EPSS
Exploits0References3
CVE
CVE
added 2026/06/02 7:48 a.m.15 views

CVE-2026-8885

The CVE-2026-8885 entry concerns the WordPress plugin DeMomentSomTres Shortcodes (versions

6.4CVSS6AI score0.00181EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/02 7:48 a.m.8 views

CVE-2026-8885 DeMomentSomTres Shortcodes <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortcode attributes...

6.4CVSS6AI score0.00181EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 7:48 a.m.37 views

CVE-2026-8885 DeMomentSomTres Shortcodes <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortcode attributes...

6.4CVSS0.00181EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 7:48 a.m.7 views

CVE-2026-8885

The DeMomentSomTres Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'callout' shortcode in all versions up to, and including, 1.1.1. This is due to insufficient input sanitization and output escaping on the 'width' and 'align' shortcode attributes...

6.4CVSS6AI score0.00181EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.15 views

PT-2026-45710

Name of the Vulnerable Software and Affected Versions DeMomentSomTres Shortcodes versions prior to 1.1.2 Description The DeMomentSomTres Shortcodes plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the st callout function fails to properly sanitize input and...

6.4CVSS6AI score0.00181EPSS
Exploits0References8
CVE
CVE
added 2026/01/23 3:24 p.m.39 views

CVE-2026-22984

CVE-2026-22984 affects the Linux kernel libceph path (handle_auth_done) and is resolved by an explicit bounds check on payload_len to prevent out-of-bounds reads. Upstream patch exists and has been incorporated in newer kernel releases (e.g., 6.6.130 per Mageia advisory); vendors: update to a ker...

9.8CVSS5.2AI score0.00351EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : pcre-8.42-6.el8 (AXSA:2021-2716:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2716:01 advisory. pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 CVE-2019-20838 pcre: Integer overflow when parsi...

7.5CVSS7AI score0.04182EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/14 4:35 a.m.5 views

EUVD-2025-34135

Malicious code in private-callout-queue npm...

6.6AI score
Exploits0References1
Snyk
Snyk
added 2025/10/14 4:35 a.m.3 views

Malicious Package

Overview private-callout-queue is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/14 3:46 a.m.5 views

Malicious code in private-callout-queue (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/10/14 3:46 a.m.5 views

MAL-2025-48411 Malicious code in private-callout-queue (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-17508

Malware in sbrugna...

7.5CVSS6.9AI score0.01876EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-28982

Malicious code in bioql PyPI...

8.2CVSS8.1AI score0.00301EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30235

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00361EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-38298

Malicious code in bioql PyPI...

8.2CVSS8.1AI score0.00326EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-36082

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00152EPSS
Exploits0References2
Rows per page
Query Builder