
6052 matches found

Positive Technologies
added 2025/01/24 12:00 a.m. · 4 views

PT-2025-5465 · Unknown · Create With Code

Name of the Vulnerable Software and Affected Versions: Create with Code versions n/a through 1.4 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This enables potential attackers to inject malicious scripts into the...

6.5 CVSS · 7 AI score · 0.00334 EPSS
Exploits 0 · References 3
CNNVD
added 2025/01/24 12:00 a.m. · 5 views

WordPress plugin Create with Code cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5 CVSS · 7.9 AI score · 0.00334 EPSS
Exploits 0 · References 2
PyPA
added 2025/01/23 1:15 a.m. · 8 views

PYSEC-2025-131

lunasvg v3.0.0 was discovered to contain an allocation-size-too-big bug via the component plutovg_surface_create...

7.5 CVSS · 5.7 AI score · 0.0044 EPSS
Exploits 1 · References 2 · Affected Software 1
OSV
added 2025/01/23 1:15 a.m. · 5 views

PYSEC-2025-131

lunasvg v3.0.0 was discovered to contain an allocation-size-too-big bug via the component plutovg_surface_create...

7.5 CVSS · 5.7 AI score · 0.0044 EPSS
Exploits 1 · References 2
Snyk
added 2025/01/23 12:45 a.m. · 2 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the plutovg_surface_create component. An attacker can cause a denial of service by creating a surface with an excessively large size. Details: Denial of Service (DoS) describes a family of attacks, all aimed at maki...

8.7 CVSS · 7 AI score · 0.0044 EPSS
Exploits 1 · References 2
Positive Technologies
added 2025/01/23 12:00 a.m. · 3 views

PT-2025-3550 · Lunasvg · Lunasvg

Name of the Vulnerable Software and Affected Versions: lunasvg version 3.0.0 Description: The issue is related to an allocation-size-too-big bug in the plutovg surface create component. This bug can be exploited. Recommendations: For lunasvg version 3.0.0, consider disabling the plutovg surface...

7.5 CVSS · 6.9 AI score · 0.0044 EPSS
Exploits 1 · References 8
CNNVD
added 2025/01/23 12:00 a.m. · 3 views

LunaSVG security vulnerability

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from the discovery of a containment allocation size oversize error via the component plutovg_surface_create. No detailed vulnerability details are provided at this time...

7.5 CVSS · 6.8 AI score · 0.0044 EPSS
Exploits 1 · References 3
OSSF Malicious Packages
added 2025/01/21 7:47 a.m. · 2 views

Malicious code in create-calypso-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df093bf0b3032586592d593a554c740ebe09f794cffc403f26b07319dd426d84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 3
OSV
added 2025/01/21 7:47 a.m. · 1 view

MAL-2025-288 Malicious code in create-calypso-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df093bf0b3032586592d593a554c740ebe09f794cffc403f26b07319dd426d84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 3
OSV
added 2025/01/18 2:15 p.m. · 1 view

CVE-2025-0559

A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...

4.8 CVSS · 3.9 AI score
Exploits 0 · References 5
Cvelist
added 2025/01/18 2:00 p.m. · 21 views

CVE-2025-0559 Campcodes School Management Software Create Id Card Page create-id-card cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...

5.1 CVSS · 0.00345 EPSS
Exploits 1 · References 5
Positive Technologies
added 2025/01/18 12:00 a.m. · 7 views

PT-2025-3952 · Unknown · Campcodes School Management

Name of the Vulnerable Software and Affected Versions: Campcodes School Management Software version 1.0 Description: A cross-site scripting issue has been found in the Create Id Card Page component, specifically in the file /create-id-card. The manipulation of the ID Card Title argument leads to...

5.1 CVSS · 6.3 AI score · 0.00345 EPSS
Exploits 1 · References 10
CNNVD
added 2025/01/18 12:00 a.m. · 6 views

Campcodes School Management Software code injection vulnerability

Campcodes School Management Software is a school management software from Campcodes, Inc. A code injection vulnerability exists in Campcodes School Management Software version 1.0, which originates from a cross-site scripting vulnerability in the ID Card Title parameter of the /create-id-card fil...

5.1 CVSS · 4.1 AI score · 0.00345 EPSS
Exploits 1 · References 6
RedHat Linux
added 2025/01/16 12:02 p.m. · 5 views

hornetq-core-client: Arbitrarily overwrite files or access sensitive information

A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information...

9.1 CVSS · 5.7 AI score · 0.00699 EPSS
Exploits 1 · References 6
Positive Technologies
added 2025/01/14 12:00 a.m. · 6 views

PT-2025-2947 · Fortinet · Fortisiem

Name of the Vulnerable Software and Affected Versions: FortiSIEM versions 7.1.7 and below FortiSIEM versions 7.0.3 and below FortiSIEM versions 6.7.9 and below FortiSIEM versions 6.6.5 and below FortiSIEM versions 6.5.3 and below FortiSIEM versions 6.4.4 and below Description: The issue is relate...

6.8 CVSS · 7 AI score · 0.0048 EPSS
Exploits 0 · References 6
Vulnrichment
added 2025/01/11 2:59 a.m. · 11 views

CVE-2025-0103 Expedition: SQL Injection Vulnerability

An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on...

9.2 CVSS · 7.8 AI score · 0.00596 EPSS
Exploits 0 · References 1
SUSE CVE
added 2025/01/10 12:22 a.m. · 2 views

SUSE CVE-2024-56606

In the Linux kernel, the following vulnerability has been resolved: af_packet: avoid erroring out after sock_init_data in packet_create. After sock_init_data the allocated sk object is attached to the provided sock object. On error, packet_create frees the sk object leaving the dangling pointer in the so...

5.5 CVSS · 7.7 AI score · 0.00238 EPSS
Exploits 0 · References 14
BDU FSTEC
added 2025/01/10 12:00 a.m. · 7 views

The vulnerability of the `dc_state_create_copy()` function in the `drivers/gpu/drm/amd/display/dc/core/dc_state.c` file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dc_state_create_copy function in the drivers/gpu/drm/amd/display/dc/core/dc_state.c file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...

7.8 CVSS · 7.2 AI score · 0.00201 EPSS
Exploits 0 · References 9 · Affected Software 3
OSV
added 2025/01/09 3:15 a.m. · 4 views

CVE-2024-13205

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/createproduct.php of the component Create Product Page. The manipulation of the argument Name leads to cross site scripting. Th...

5.4 CVSS · 3.5 AI score · 0.00526 EPSS
Exploits 1 · References 5
NVD
added 2025/01/09 3:15 a.m. · 8 views

CVE-2024-13205

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/createproduct.php of the component Create Product Page. The manipulation of the argument Name leads to cross site scripting. Th...

5.4 CVSS · 0.00526 EPSS
Exploits 1 · References 5