Lucene search
K

288 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Fix: Use strings instead of literals when defining tracepoints for DA monitors. Using DA monitor tracepoints with KASAN enabled triggers the following warning: Bug: KASAN: Global-out-of-bounds access in...

7.1CVSS5.5AI score0.00139EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/05/21 12:0 a.m.70 views

📄 Lenovo LegionSpace 1.7.11.2 Unquoted Service Path

Lenovo LegionSpace version 1.7.11.2 suffers from an unquoted service path vulnerability. Exploit Title: Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path Exploit Author: CENACIF-MX Discovery Date: 2025-12-04 Vendor Homepage: https://support.lenovo.com/es/es/solutions/legionspace...

5.8AI score
Exploits0
Exploit DB
Exploit DB
added 2026/05/21 12:0 a.m.80 views

Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path

Exploit Title: Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path Exploit Author: CENACIF-MX Discovery Date: 2025-12-04 Vendor Homepage: https://support.lenovo.com/es/es/solutions/legionspace Tested Version: 1.7.11.2 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/07 7:22 a.m.4 views

CVE-2026-1805 DA Media GigList <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'list_title' Shortcode Attribute

The DA Media GigList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's damediagiglist shortcode in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00197EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/03/07 2:14 a.m.6 views

WordPress DA Media GigList plugin <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'list_title' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'listtitle' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin DA Media GigList versions = 1.9.0...

6.4CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.5 views

PT-2026-23841

The DA Media GigList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's damedia giglist shortcode in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00197EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.7 views

WordPress plugin DA Media GigList 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.7 views

CVE-2023-43299

An issue in DA BUTCHERS mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.3CVSS6.9AI score0.00508EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/07 11:51 p.m.9 views

Malicious code in rt-da-classic-card-collection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40df14bf87fe4eb4e065fda942f953028db00c5e8148c1c1ccc2f6cf623d3611 The package rt-da-classic-card-collection was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSV
OSV
added 2026/01/07 11:51 p.m.6 views

MAL-2026-137 Malicious code in rt-da-classic-card-collection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40df14bf87fe4eb4e065fda942f953028db00c5e8148c1c1ccc2f6cf623d3611 The package rt-da-classic-card-collection was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
EUVD
EUVD
added 2025/11/12 10:25 p.m.3 views

EUVD-2025-137807

Malicious code in astam-ifut-da npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 10:25 p.m.4 views

EUVD-2025-136808

Malicious code in imugiay-ajvog-da npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 10:25 p.m.3 views

EUVD-2025-137956

Malicious code in astam-ifst-da npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.4 views

EUVD-2025-139116

Malicious code in nuyar-da-raatado npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.3 views

Malicious code in nuyar-da-rof (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffe7027c7c8d50505b1ae921ba1136f1d1140bc4878691976b4771d95a508025 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-139112

Malicious code in nuyar-da-radatidado npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-139110

Malicious code in nuyar-da-rato npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.2 views

Malicious code in nuyar-da-ratao (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 944062e1ceadd396c0968c90f811253c1b591dfb649f019a580e5a126aac04ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-139107

Malicious code in nuyar-da-rofa npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.0 views

EUVD-2025-139106

Malicious code in nuyar-da-rofad npm...

6.6AI score
Exploits0
Rows per page
Query Builder