Lucene search
K

17 matches found

Patchstack
Patchstack
added 2026/01/23 8:31 a.m.11 views

WordPress All-in-One Video Gallery plugin <= 4.6.4 - Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability

Missing Authorization to Unauthenticated Bunny Stream Video Creation/Deletion vulnerability discovered by andrea bocchetti in WordPress Plugin All-in-One Video Gallery versions = 4.6.4...

6.5CVSS5.5AI score0.00369EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53053

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the RDMA/irdma component of the Linux kernel related to PBLE Persistent Binding List Entry objects. When the irdma module is removed, the memory allocated for the...

7.8CVSS6.2AI score0.00462EPSS
Exploits2References896
CVE
CVE
added 2025/12/12 3:20 a.m.18 views

CVE-2025-14162

CVE-2025-14162 affects the BMLT WordPress Plugin (

4.3CVSS5AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:20 a.m.4 views

CVE-2023-21934

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful attacks of this...

6.8CVSS6.2AI score0.00536EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.4 views

PT-2025-12365

Name of the Vulnerable Software and Affected Versions kcp versions prior to 0.26.3 Description The issue allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources, even if there is no APIBinding in that workspace or the...

9.8CVSS7AI score0.99098EPSS
Exploits23References56
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Site Hub versions 12.2.3 throu...

8.1CVSS7.9AI score0.00435EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

7.5CVSS7.8AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/13 12:0 a.m.3 views

MQTT 跨站请求伪造漏洞

MQTT Message Queuing Telemetry Transport is an ISO standard ISO/IEC PRF 20922 based on the Publish/Subscribe paradigm of messaging protocols, which works on the TCP/IP family of protocols, and is designed for remote devices with low hardware performance and poor network conditions. It works on th...

4.3CVSS5.4AI score0.00254EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.5 views

The vulnerability of the iControl REST API for BIG-IP application protection interfaces allows a attacker to execute arbitrary commands, disable arbitrary services, and create or delete arbitrary files.

The vulnerability of the iControl REST API for BIG-IP application protection interfaces is related to incorrect session duration settings. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, disable arbitrary services, and create or delete arbitrary file...

10CVSS8.1AI score0.00587EPSS
Exploits0References2Affected Software12
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

Oracle MySQL 输入验证错误漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and an input validation error vulnerability exists in Oracle MySQL 8.0.28 and earlier versions, which originates in the PAM Auth component of MySQL...

4.9CVSS5.2AI score0.00866EPSS
Exploits0References7
OSV
OSV
added 2021/11/04 10:15 a.m.5 views

CVE-2021-34594

TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system...

6.5CVSS6.7AI score0.0109EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/20 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Outside In Technology (CNVD-2021-07111)

Oracle Outside In Technology is a software development kit SDK that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A security vulnerability exists in the Outside In Filters...

8.6CVSS9.1AI score0.01355EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/11 12:0 a.m.3 views

Rumpus FTP Server Web File Manager Cross-Site Request Forgery Vulnerability

Rumpus FTP Server is an Internet file transfer solution for the Mac platform. A cross-site request forgery vulnerability exists in the Create/Delete Account feature of Web File Manager in Rumpus FTP Server version 8.2.9.1. The vulnerability stems from the WEB application not adequately verifying...

6.5CVSS6.8AI score0.00435EPSS
Exploits0References1
OSV
OSV
added 2020/01/03 6:15 p.m.5 views

CVE-2019-11993

A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. Two now...

7.5CVSS7.2AI score0.0153EPSS
Exploits0References1
0day.today
0day.today
added 2019/11/01 12:0 a.m.68 views

ownCloud 10.3.0 stable - Cross-Site Request Forgery Vulnerability

Exploit for linux platform in category web applications Exploit Title: ownCloud 10.3.0 stable - Cross-Site Request Forgery Exploit Author: Ozer Goker Vendor Homepage: https://owncloud.org Software Link: https://owncloud.org/download/ Version: 10.3 CVE: N/A Introduction Your personal cloud...

Exploits0
CNVD
CNVD
added 2019/02/27 12:0 a.m.4 views

WordPress plugin 'FormCraft' cross-site request forgery vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin 'FormCraft'. If a user logs into the WordPress admi...

8.8CVSS6.8AI score0.00833EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/17 12:0 a.m.6 views

Lynxspring JENEsys BAS Bridge Cross-Site Request Forgery Vulnerability

Lynxspring is a US based company.BAS Bridge is a web based SCADA system.BAS servers are deployed in areas such as commercial facilities, manufacturing, energy, water and wastewater systems and many more. A cross-site request forgery vulnerability exists in Lynxspring JENEsys BAS Bridge. Due to th...

8.8CVSS6.8AI score0.00641EPSS
Exploits0References1
Rows per page
Query Builder