
57 matches found

Nuclei
added 13 hours ago, 33 views

Email Subscribers & Newsletters <= 5.3.1 - Authenticated SQL Injection

The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the order and orderby parameters to the ajaxfetchreportlist action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protecti...

CVSS 8.8, AI score 7.2, EPSS 0.04184
Exploits: 3, References: 2
Tenable Nessus
added 2026/06/19 12:00 a.m., 6 views

Oracle Coherence 15.1.1.0.x < 15.1.1.0.3 Multiple Vulnerabilities (June 2026 CPU)

The 15.1.1.0.0 version of Coherence installed on the remote host is affected by multiple vulnerabilities as referenced in the June 2026 CPU advisory. - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Centralized Third Party Jars. The supported version that is...

CVSS 9.3, AI score 6, EPSS 0.00353
Exploits: 0, References: 4
CNNVD
added 2026/06/03 12:00 a.m., 9 views

Securly Chrome Extension Security Vulnerability

Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability stems from multiple exposed endpoints allowing unauthoriz...

CVSS 7.5, AI score 5.3, EPSS 0.00211
Exploits: 0, References: 1
Snyk
added 2026/05/03 12:31 a.m., 11 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview: sglang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') via the gettokenizer function in the...

CVSS 6.3, AI score 5.8, EPSS 0.00368
Exploits: 0, References: 3
Positive Technologies
added 2026/03/09 12:00 a.m., 6 views

PT-2026-24120

Name of the Vulnerable Software and Affected Versions: Misskey versions 8.45.0 through 2026.3.0. Description: Misskey, an open source, federated social media platform, has an issue where insufficient permission checks and proper input validation can allow unauthorized access to data. This can occur...

CVSS 9.2, AI score 5.8, EPSS 0.00249
Exploits: 0, References: 9
OSV
added 2026/03/05 10:16 p.m., 3 views

CVE-2026-21622

Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm 'Elixir.Hexpm.Accounts.PasswordReset' module allows Account Takeover. Password reset tokens generated via the "Reset your password" flow do not expire. When a user requests a password reset, Hex sends an email containing a reset...

CVSS 9.8, AI score 5.8, EPSS 0.0039
Exploits: 0, References: 2
Cvelist
added 2026/03/05 9:18 p.m., 25 views

CVE-2026-21622 Password Reset Tokens Do Not Expire

Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm 'Elixir.Hexpm.Accounts.PasswordReset' module allows Account Takeover. Password reset tokens generated via the "Reset your password" flow do not expire. When a user requests a password reset, Hex sends an email containing a reset...

CVSS 9.5, EPSS 0.0039
Exploits: 0, References: 4
Positive Technologies
added 2026/02/17 12:00 a.m., 6 views

PT-2026-20232

Name of the Vulnerable Software and Affected Versions: IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002. Description: The software reveals sensitive information within an environment variable. This disclosure could potentially assist in subsequent attacks against the system. Recommendatio...

CVSS 5.3, AI score 5.8, EPSS 0.00197
Exploits: 0, References: 5
RedhatCVE
added 2025/10/14 5:40 a.m., 10 views

CVE-2025-31995

HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to exploit vulnerabilities such as SQL Injection, XSS, or command injection, leading to unauthorized access or data breaches, etc...

CVSS 3.5, AI score 7.7, EPSS 0.00517
Exploits: 0, References: 1
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-12470

Malware in sbrugna...

CVSS 8.2, AI score 8.3, EPSS 0.01237
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2014-7318

Malware in sbrugna...

CVSS 5.4, AI score 6.4, EPSS 0.00266
Exploits: 0, References: 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-16643

Malware in sbrugna...

CVSS 8.2, AI score 7.2, EPSS 0.00933
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-13946

Malware in sbrugna...

CVSS 7.5, AI score 6.1, EPSS 0.00976
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 9 views

EUVD-2020-5828

Malware in sbrugna...

CVSS 8.8, AI score 8.3, EPSS 0.01032
Exploits: 1, References: 2
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-1833

Malware in sbrugna...

CVSS 5.3, AI score 5.9, EPSS 0.02002
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2024-44134

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.7, EPSS 0.00523
Exploits: 1, References: 1
EUVD
added 2025/10/03 8:07 p.m., 13 views

EUVD-2025-16939

Malicious code in bioql PyPI...

CVSS 9.4, AI score 6.5, EPSS 0.00508
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2022-33748

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.6, EPSS 0.00862
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2024-19875

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.6, EPSS 0.00185
Exploits: 0, References: 2
CNNVD
added 2025/09/26 12:00 a.m., 5 views

Unitree Multiple Products Security Vulnerability

Unitree Go2 is a robot dog; Unitree G1 and Unitree H1 are humanoid robots. A security vulnerability exists in several Unitree products that stems from the u...

CVSS 4.7, AI score 6.4, EPSS 0.00177
Exploits: 0, References: 3