Lucene search
K

407 matches found

Cvelist
Cvelist
added 2025/12/12 8:36 p.m.20 views

CVE-2025-67634 Software Acquisition Guide Supplier Response Web Tool XSS

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...

4.6CVSS0.00159EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/12 11:15 a.m.2 views

CVE-2025-14159 Secure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data Export

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS4.4AI score0.00137EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.8 views

PT-2025-50979

Name of the Vulnerable Software and Affected Versions CISA Software Acquisition Guide Supplier Response Web Tool versions prior to 2025-12-11 Description The CISA Software Acquisition Guide Supplier Response Web Tool was susceptible to cross-site scripting through text fields. An attacker could...

6.1CVSS6AI score0.00159EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.4 views

Zoom Rooms Installed (Windows)

Binary data winzoomroomsinstalled.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.4 views

Smartbedded Meteobridge Web Detection

Binary data smartbeddedmeteobridgewebdetect.nbin...

7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.5 views

Zoom Rooms Installed (macOS)

Binary data macoszoomroomsinstalled.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.2 views

Unraid Installed (Linux)

Binary data unraidnixinstalled.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.3 views

JetBrains IntelliJ IDEA Plugins Installed (Windows)

Binary data jetbrainsintellijideapluginsenumwin.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/10 12:0 a.m.3 views

Microsoft Windows 10 22H2 ESU Status Check

Binary data wmiwin1022h2esustatus.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.5 views

Progress Telerik Document Processing Libraries Installed (Windows)

Binary data progresstelerikdocumentprocessinglibrarieswininstalled.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/05 12:0 a.m.2 views

Photon OS 5.0: Linux PHSA-2025-5.0-0702

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0702. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.1CVSS7.3AI score0.00149EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/24 12:0 a.m.3 views

Gladinet Triofox Installed (Windows)

Binary data gladinettriofoxwininstalled.nbin...

7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/11/20 12:0 a.m.9 views

(0Day) Digilent DASYLab DSB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DS...

7.8CVSS7AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/15 1:38 p.m.11 views

CVE-2025-11918

Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of Arena®. Exploiting the vulnerability...

7.3CVSS7.9AI score0.00136EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.4 views

Autodesk Installer Installed

Binary data autodeskinstallerinstalled.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Photon OS 5.0: Vim PHSA-2025-5.0-0672

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0672. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid27530...

5.5CVSS5.7AI score0.00195EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.8 views

Photon OS 4.0: Mc PHSA-2025-4.0-0902

An update of the mc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0902. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid275319...

7.5CVSS7.6AI score0.02216EPSS
Exploits1References2
OSV
OSV
added 2025/11/12 4:47 p.m.2 views

MAL-2025-156609 Malicious code in inufgi-goa-jamufi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5949b8c5e7db9698c5c442aa992894c6e8a336d955593ddaf940e725367e9e4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 8:46 p.m.4 views

MAL-2025-127412 Malicious code in informal_puma_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4387ff1a31187a1dd4943e2eb7c61f3df4e2b85b2f2a1d49617b0ffad7f16a02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 8:46 p.m.3 views

Malicious code in okta-lupis76-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e7cadc887c0d824e3a76de414c021f5dcc599bbedfeeea8203243234708f00 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder