Lucene search
+L

251 matches found

Nuclei
Nuclei
added 7 hours ago24 views

Liferay Portal & DXP - Cross-Site Scripting

Liferay Portal 7.4.0 through 7.4.3.133 and Liferay DXP 2024.Q1.1 through 2025.Q1.4 contain a reflected XSS caused by improper sanitization in entrycoverimagecaption.jsp, letting remote non-authenticated attackers inject JavaScript. id: CVE-2025-4576 info: name: Liferay Portal & DXP - Cross-Site...

6.9CVSS5.2AI score0.00588EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-61861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory...

7.5CVSS6.2AI score0.00323EPSS
Exploits0References3
OSV
OSV
added 2026/07/11 2:16 p.m.3 views

DEBIAN-CVE-2026-61861

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

7.5CVSS6.2AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2026/07/11 1:1 p.m.4 views

CVE-2026-61861 ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS6.2AI score0.00323EPSS
Exploits0References4
CVE
CVE
added 2026/07/11 1:1 p.m.20 views

CVE-2026-61861

CVE-2026-61861 affects ImageMagick prior to 7.1.2-26. A use-after-free in the FormatMagickCaption path occurs when memory allocation fails, allowing a dangling pointer to reference freed memory. This can lead to denial of service or potentially arbitrary code execution. Multiple sources (NVD, Deb...

7.5CVSS6.2AI score0.00323EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/11 12:0 a.m.8 views

PT-2026-57446

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-26 Description A use-after-free issue exists in the FormatMagickCaption function. This occurs when memory allocation fails, causing a dangling pointer to reference memory that has already been freed. An...

7.5CVSS6.3AI score0.00323EPSS
Exploits0References18
CVE
CVE
added 2026/06/30 6:0 a.m.13 views

CVE-2026-11581

The CVE-2026-11581 entry concerns the Kali Forms — Contact Form & Drag-and-Drop Builder for WordPress, vulnerable before version 2.4.13. The form captions (columns on the form-entries admin screen) are not sanitized, allowing stored XSS where a user with Contributor-level access (or higher) can i...

5.9CVSS5.8AI score0.0014EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 6:0 a.m.9 views

EUVD-2026-40261

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.13 does not sanitise a form field's caption before outputting it as a column header on the administrator form-entries screen, allowing users with Contributor-level access or above to store JavaScript that executes i...

5.9CVSS5.8AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.9 views

CVE-2026-41127

BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have a missing authorization that allows viewers to inject/overwrite captions Version 3.0.24 tightened the permissions on who is able to submit captions. No known workarounds are available...

6.5CVSS5.5AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.11 views

CVE-2026-4665

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS5.7AI score0.00281EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 5:31 a.m.15 views

EUVD-2026-32072

The Mutual Funds Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping on the user supplied 'title' attribute in the mfdshortcode...

6.4CVSS6AI score0.00235EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in the Live Caption feature in Google Chrome before version 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through such interactions. Chromium security severity: Medium...

8.8CVSS7.3AI score0.0083EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/05 6:31 a.m.9 views

EUVD-2026-27181

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS6AI score0.00281EPSS
Exploits0References5
NVD
NVD
added 2026/05/05 4:16 a.m.12 views

CVE-2026-4665

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS0.00281EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/05 3:37 a.m.69 views

CVE-2026-4665 WP Carousel Free <= 2.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-caption' Attribute

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS0.00281EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/05 3:37 a.m.4 views

CVE-2026-4665

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS6AI score0.00281EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/05 3:37 a.m.6 views

CVE-2026-4665 WP Carousel Free <= 2.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-caption' Attribute

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS6AI score0.00281EPSS
Exploits0References4
CVE
CVE
added 2026/05/05 3:37 a.m.20 views

CVE-2026-4665

The CVE-2026-4665 entry concerns the WP Carousel Free plugin for WordPress (versions up to 2.7.10). Concrete details from connected documents describe a Stored Cross-Site Scripting flaw in the handling of fancybox data-caption attributes. The root cause is the fancybox-config.js logic reading the...

6.4CVSS6AI score0.00281EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.15 views

PT-2026-36965

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS6AI score0.00281EPSS
Exploits0References5
CVE
CVE
added 2026/04/24 2:57 a.m.31 views

CVE-2026-41318

AnythingLLM prior to v1.12.1 is vulnerable to stored DOM-based XSS via an unsafe image rendering rule and unsanitized chart captions in the Chartable component. The vulnerability arises because renderMarkdown(...) output is sanitized in all call sites except Chartable, where LLM-generated caption...

5.4CVSS5.7AI score0.00195EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder