Lucene search

31 matches found

NVD
added 2026/06/20 7:16 p.m., 13 views

CVE-2026-56347

AVideo TopMenu plugin through version 26.0 contains a stored cross-site scripting vulnerability in menu item rendering due to missing output encoding of icon classes, URLs, and text labels. Attackers can inject malicious JavaScript through unescaped menu item fields that execute for all site...

6.1 CVSS, 0.00167 EPSS
Exploits 0, References 2
CNNVD
added 2025/12/01 12:0 a.m., 6 views

vLLM code injection vulnerability

vLLM is an open source, high-throughput and memory-efficient inference and serving engine for LLMs. A code injection vulnerability exists in vLLM versions prior to 0.11.1 that stems from the presence of a remote code execution vector in the NemotronNanoVLConfig configuration class, which could...

8.8 CVSS, 6.5 AI score, 0.00598 EPSS
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2008-2359

Malware in sbrugna...

9.3 CVSS, 6 AI score, 0.05849 EPSS
Exploits 1, References 13
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2021-2594

Malware in sbrugna...

9.8 CVSS, 9.2 AI score, 0.02137 EPSS
Exploits 0, References 6
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2024-0913

Malicious code in bioql PyPI...

8.8 CVSS, 8.6 AI score, 0.01555 EPSS
Exploits 3, References 10
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2024-50260

Malicious code in bioql PyPI...

8.8 CVSS, 6.6 AI score, 0.00758 EPSS
Exploits 0, References 2
Tenable Nessus
added 2025/09/24 12:0 a.m., 14 views

RHEL 8 : kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 (RHSA-2025:16582)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16582 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

7.8 CVSS, 7.4 AI score, 0.00369 EPSS
Exploits 3, References 11
BDU FSTEC
added 2025/02/24 12:0 a.m., 4 views

The vulnerability of the XWiki.SearchSuggestSourceClass class in the XWiki platform, a collaborative web application platform. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the XWiki.SearchSuggestSourceClass in the XWiki platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

9.9 CVSS, 5.5 AI score, 0.75575 EPSS
Exploits 1, References 2, Affected Software 1
RedhatCVE
added 2025/02/05 5:12 p.m., 7 views

CVE-2019-19849

An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel Backend Module: DB...

8.8 CVSS, 6.6 AI score, 0.01267 EPSS
Exploits 0, References 1
CNNVD
added 2024/05/14 12:0 a.m., 2 views

Laundry Management System authorization issue vulnerability

Laundry Management System is a laundry management system. An authorization issue vulnerability exists in Online Laundry Management System version 1.0, which stems from an improper authorization vulnerability in the adminclass.php file...

8.8 CVSS, 4.9 AI score, 0.00818 EPSS
Exploits 1, References 6
CNNVD
added 2024/03/29 12:0 a.m., 4 views

CodeIgniter security vulnerability

CodeIgniter is an open source web framework written in the PHP language. A security vulnerability exists in CodeIgniter v4.4.7 and earlier versions, which stems from a security issue contained in the Language class, and can be exploited by an attacker to consume large amounts of server memory...

7.5 CVSS, 7.2 AI score, 0.00773 EPSS
Exploits 0, References 3
AlmaLinux
added 2023/05/16 12:0 a.m., 28 views

Moderate: python-mako security update

Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Security fixes: mako: REDoS in Lexer class (CVE-2022-40023). For more details about the security issues, including the impact, a CVSS score, acknowledgment...

7.5 CVSS, 6.7 AI score, 0.01656 EPSS
Exploits 1, References 4
CNNVD
added 2023/04/28 12:0 a.m., 5 views

Faculty Evaluation System SQL injection vulnerability

Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Faculty Evaluation System version 1.0, which stems from an SQL injection issue in the id parameter of ajax.php?action=deleteclass...

9.8 CVSS, 7.2 AI score, 0.00798 EPSS
Exploits 1, References 4
CNNVD
added 2023/04/14 12:0 a.m., 2 views

Video Sharing Website SQL injection vulnerability

Video Sharing Website is a video sharing website. A SQL injection vulnerability exists in Campcodes Video Sharing Website version 1.0, which stems from a problem with the file adminclass.php, where manipulation of the parameter email can lead to SQL injection...

7.5 CVSS, 6.9 AI score, 0.00605 EPSS
Exploits 1, References 4
CNNVD
added 2023/03/23 12:0 a.m., 7 views

Automatic Question Paper Generator System SQL injection vulnerability

Automatic Question Paper Generator System is an automatic question paper generator system by the individual developer Carlo Montero. A SQL injection vulnerability exists in SourceCodester Automatic Question Paper Generator System version 1.0, which is caused by unknown code in admin/courses/viewclass.p...

9.8 CVSS, 7 AI score, 0.00541 EPSS
Exploits 0, References 3
Prion
added 2022/02/21 6:15 p.m., 21 views

Path traversal

"Sametime Android potential path traversal vulnerability when using File class"...

2.1 CVSS, 5.6 AI score, 0.00247 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2021/11/29 12:25 p.m., 36 views

CVE-2021-43697

Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET[C('VAR_JSONP_HANDLER')], so there is an XSS vulnerability...

6 AI score, 0.00641 EPSS
Exploits 1, References 1
Tenable Nessus
added 2021/09/16 12:0 a.m., 53 views

Ubuntu 16.04 ESM : Python vulnerabilities (USN-5083-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5083-1 advisory. It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only...

7.5 CVSS, 7.1 AI score, 0.11586 EPSS
Exploits 2, References 3
Snyk
added 2021/06/24 10:55 a.m., 3 views

Denial of Service (DoS)

Overview: bindata (BinData) is a declarative way to read and write binary file formats. This means the programmer specifies what the format of the binary data is, and BinData works out how to read and write data in this format. It is an easier and more readable alternative to Ruby's pack and...

4.3 CVSS, 6.9 AI score, 0.01866 EPSS
Exploits 1, References 2
Prion
added 2021/05/25 2:15 p.m., 14 views

Information disclosure

An information disclosure vulnerability was discovered in /index.class.php via port 8181 on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system...

5 CVSS, 7.2 AI score, 0.01058 EPSS
Exploits 0, References 2, Affected Software 1