Lucene search
K

2633 matches found

Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.29 views

PT-2026-47132

Name of the Vulnerable Software and Affected Versions Click to Chat – WA Widget versions prior to 4.39 Description The plugin is subject to Stored Cross-Site Scripting. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages. This occurs because...

6.4CVSS5.9AI score0.00288EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.10 views

WordPress plugin Click to Chat – WA Widget 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.3AI score0.00288EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5243

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to stored cross-site scripting via the menuhoverclick parameter of the Navigation Menu Lite widget in all versions up to, and including, 6.4.11 due to...

6.4CVSS5.4AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-49194

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.5AI score0.00232EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/05 1:37 p.m.10 views

WordPress Click to Chat – HoliThemes plugin <= 4.39 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Valatty in WordPress Plugin Click to Chat versions = 4.39...

6.4CVSS5.4AI score0.00288EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/04 7:16 a.m.14 views

CVE-2026-49194

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 6:21 a.m.8 views

CVE-2026-49194 SCREEN_CLICK Authentication Bypass

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.8AI score0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 6:21 a.m.11 views

EUVD-2026-34213

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.8AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 6:21 a.m.28 views

CVE-2026-49194

Technical details about CVE-2026-49194 are not publicly available in the provided documents; monitor for updates.

9.4CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/04 6:21 a.m.40 views

CVE-2026-49194 SCREEN_CLICK Authentication Bypass

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the debugging routine SCREENCLICK5053, which allows connections to completely bypass standard device login prompts and directly...

9.4CVSS5.3AI score0.00232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46152

The debugging routine SCREEN CLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.8AI score0.00232EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/03 5:58 p.m.18 views

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code VS Code that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Transmission 安全漏洞

Transmission is an open-source BitTorrent client application developed by Transmission. This program primarily provides features such as file downloading. Versions of Transmission 4.1.1 and earlier contained security vulnerabilities, which were due to a click hijacking vulnerability in the...

5.3CVSS5.3AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from click-jacking/cross-scripting attacks involving multiple functions in WindowState.java, potentially leading to local privilege escalatio...

5.9CVSS5.3AI score0.00073EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the hide method in WindowState.java. This method allows for click hijacking/cross-session attacks, potentially leading users to grant...

6.8CVSS5.3AI score0.00075EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a click hijacking issue in the addWindow function, potentially leading to local privilege escalation...

7.8CVSS5.3AI score0.00067EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the InputInterceptor method in Letterbox.java. This method allows for click hijacking/coverage attacks, potentially leading users to...

6.2CVSS5.3AI score0.00076EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the startAnimation method in StageCoordinator.java. This method allows for click hijacking/cross-session attacks, potentially leading to...

7.8CVSS5.3AI score0.00072EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/31 5:29 p.m.98 views

Exploit for Improper Authentication in Google Android

DEDSECBKIF DEDSECBKIF is a keystroke injection tool for Androi...

6.3CVSS7AI score0.07879EPSS
Exploits8
Rows per page
Query Builder