Lucene search
K

83 matches found

Cvelist
Cvelist
added 2025/10/27 6:44 p.m.10 views

CVE-2025-32785 Pi-hole Admin Interface vulnerable to persistent XSS on Subscribed lists group management (Adress Field)

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions prior to 6.3 are vulnerable to cross-site scripting XSS via the Address field in the Subscribed Lists group management section...

5.1CVSS0.00228EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-44010

Name of the Vulnerable Software and Affected Versions Pi-hole Admin Interface versions prior to 6.3 Description The Pi-hole Admin Interface, a web interface for managing the Pi-hole advertisement and internet tracker blocking application, is susceptible to a cross-site scripting XSS issue. This...

5.1CVSS5.7AI score0.00228EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/25 12:0 a.m.8 views

Photon OS 4.0: Mysql PHSA-2025-4.0-0894

An update of the mysql package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0894. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

6.8CVSS5.6AI score0.00908EPSS
Exploits1References61
OSV
OSV
added 2025/10/14 12:0 a.m.4 views

DLA-4332-1 distro-info-data - database update

Bulletin has no description...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0625

Malware in sbrugna...

6.5CVSS5.6AI score0.01329EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-12024

Malware in sbrugna...

9.3CVSS8.9AI score0.02448EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-32129

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00329EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in database-update-send-email (npm)

The package database-update-send-email was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-17996 Malicious code in database-update-send-email (npm)

The package database-update-send-email was found to contain malicious code...

7.2AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/08/12 7:0 a.m.13 views

KB5063760 - Description of the security update for SQL Server 2017 GDR: August 12, 2025

KB5063760 - Description of the security update for SQL Server 2017 GDR: August 12, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains fix...

8.8CVSS6.3AI score0.01516EPSS
Exploits2
OSV
OSV
added 2025/08/09 12:0 a.m.3 views

DLA-4266-1 distro-info-data - database update

Bulletin has no description...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/05/19 2:45 p.m.8 views

CVE-2025-48264 WordPress Product Code for WooCommerce plugin <= 1.5.0 - CSRF to Database Update vulnerability

Cross-Site Request Forgery CSRF vulnerability in artiosmedia Product Code for WooCommerce product-code-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Code for WooCommerce: from n/a through = 1.5.0...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 2:45 p.m.27 views

CVE-2025-48264

CVE-2025-48264 : WordPress plugin Product Code for WooCommerce has a CSRF-to-database-update vulnerability affecting versions

4.3CVSS5.9AI score0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 2:45 p.m.26 views

CVE-2025-48264 WordPress Product Code for WooCommerce plugin <= 1.5.0 - CSRF to Database Update vulnerability

Cross-Site Request Forgery CSRF vulnerability in artiosmedia Product Code for WooCommerce product-code-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Code for WooCommerce: from n/a through = 1.5.0...

4.3CVSS0.00128EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/12 12:0 a.m.7 views

Securing WiFi Fingerprint-Based Indoor Localization Systems from Malicious Access Points

WiFi fingerprint-based indoor localization schemes deliver highly accurate location data by matching the received signal strength indicator RSSI with an offline database using machine learning ML or deep learning DL models. However, over time, RSSI values degrade due to the malicious behavior of...

7AI score
Exploits0
OSV
OSV
added 2025/04/26 12:0 a.m.10 views

DLA-4138-1 distro-info-data - database update

Bulletin has no description...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2024/12/04 7:32 a.m.22 views

CVE-2024-10664 Knowledge Base documentation & wiki plugin – BasePress Docs <= 2.16.3.3 - Missing Authorization to Authenticated (Subscriber+) Database Update

The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the basepressdbpostsupdate function in all versions up to, and including, 2.16.3.3. This makes it possible for authenticated...

4.3CVSS0.00267EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/03 10:10 p.m.5 views

WordPress BasePress Docs plugin <= 2.16.3.3 - Missing Authorization to Authenticated (Subscriber+) Database Update vulnerability

Missing Authorization to Authenticated Subscriber+ Database Update vulnerability discovered by BrokenAC ignore in WordPress Plugin Knowledge Base documentation & wiki plugin – BasePress versions = 2.16.3.3...

4.3CVSS6.9AI score0.00267EPSS
Exploits0References1Affected Software1
SUSE Linux
SUSE Linux
added 2024/11/08 7:57 a.m.2 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff9...

8.9CVSS6.7AI score0.37055EPSS
Exploits4References26
CNVD
CNVD
added 2024/09/04 12:0 a.m.10 views

SportsNET SQL Injection Vulnerability (CNVD-2024-37600)

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.4AI score0.00408EPSS
Exploits0References1
Rows per page
Query Builder