Lucene search
+L

56 matches found

nvd
nvd
added 6 days ago6 views

CVE-2026-6440

The GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1.8. This is due to a missing nonce verification in the resetcredential function, which handles the...

4.3CVSS0.00168EPSS
Exploits0References8
cve
cve
added 6 days ago8 views

CVE-2026-6440

The CVE concerns the WordPress plugin GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference. A CSRF vulnerability exists in versions up to 1.1.8 due to missing nonce verification in reset_credential() for the wp_ajax_goodmeet_reset_google_meet_credential action. Although user...

4.3CVSS6AI score0.00168EPSS
Exploits0References8
attackerkb
attackerkb
added 6 days ago8 views

CVE-2026-6440

The GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1.8. This is due to a missing nonce verification in the resetcredential function, which handles the...

4.3CVSS6AI score0.00168EPSS
Exploits0References9
patchstack
patchstack
added last week5 views

WordPress GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference plugin <= 1.1.8 - Cross-Site Request Forgery to Google Meet Credential Reset vulnerability

Cross-Site Request Forgery to Google Meet Credential Reset vulnerability discovered by Legion Hunter in WordPress Plugin GoodMeet – Google Meet Integration for Webinar, Meeting & Video Conference versions = 1.1.8...

4.3CVSS6.1AI score0.00168EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/06/05 7:29 p.m.10 views

CVE-2026-2400

CWE-93 Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload...

5.3CVSS5.5AI score0.0023EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.14 views

PT-2026-47013

Name of the Vulnerable Software and Affected Versions NetMan version 204 Description NetMan contains a hard-coded backdoor account with the username and password eurek that provides administrative access. A remote, unauthenticated attacker can authenticate through the "/cgi-bin/login.cgi" endpoin...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References9
vulnrichment
vulnrichment
added 2026/05/12 1:59 p.m.11 views

CVE-2026-6866 Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server

CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...

8.2CVSS5.8AI score0.00291EPSS
Exploits0References1
cnvd
cnvd
added 2026/04/15 12:0 a.m.8 views

Schneider Electric PowerChute Serial Shutdown CRLF Injection Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a CRLF injection vulnerability that stems from improper CRLF sequence neutralization, which...

5.3CVSS5.5AI score0.0023EPSS
Exploits0
cvelist
cvelist
added 2026/04/14 3:22 p.m.31 views

CVE-2026-2400

CWE-93 Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload...

5.3CVSS0.0023EPSS
Exploits0References1
cve
cve
added 2026/04/14 3:22 p.m.28 views

CVE-2026-2400

CVE-2026-2400 is tied to Schneider Electric PowerChute Serial Shutdown. The Nessus/PTSecurity entry confirms that PowerChute Serial Shutdown (pre-1.5) is affected by CRLF Injection via POST /setPCBEDesc, which could trigger credential resets for Web Admin users. The PTSecurity note states that af...

5.3CVSS5.8AI score0.0023EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2026/04/14 12:0 a.m.8 views

Schneider Electric PowerChute Serial Shutdown 注入漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a CRLF injection vulnerability that stems from improper CRLF sequence neutralization, which...

5.3CVSS5.8AI score0.0023EPSS
Exploits0References1
nvd
nvd
added 2025/12/09 6:15 p.m.5 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8CVSS0.00201EPSS
Exploits0References1
osv
osv
added 2025/12/09 6:15 p.m.4 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8CVSS5.8AI score0.00201EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/12/09 5:19 p.m.2 views

CVE-2025-59808

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8CVSS6.6AI score0.00201EPSS
Exploits0References1
euvd
euvd
added 2025/12/09 5:19 p.m.7 views

EUVD-2025-202272

An unverified password change vulnerability CWE-620 vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5....

6.8CVSS6.5AI score0.00201EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/12/09 12:0 a.m.5 views

Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are both security orchestration, automation and response software from Fortinet, Inc. A security vulnerability exists in Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise that stems from insufficient password change validation, whi...

6.8CVSS6.9AI score0.00201EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/12/09 12:0 a.m.9 views

PT-2025-50120

Name of the Vulnerable Software and Affected Versions Fortinet FortiSOAR PaaS versions 7.3 through 7.6.2 Fortinet FortiSOAR on-premise versions 7.3 through 7.6.2 Description An unverified password change issue exists that may allow an attacker with existing access to a user account to reset the...

6.8CVSS6.7AI score0.00201EPSS
Exploits0References3
thn
thn
added 2025/10/09 1:48 p.m.5 views

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could...

6.5AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-3787

Malware in sbrugna...

8.8CVSS8.8AI score0.02182EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-6141

Malware in sbrugna...

6.5CVSS6.6AI score0.02233EPSS
Exploits1References6
Rows per page
Query Builder