Lucene search
K

334 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-dn (npm)

The package @zalastax/nolb-dn was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.0 views

MAL-2025-11179 Malicious code in @zalastax/nolb-dn (npm)

The package @zalastax/nolb-dn was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-9936 Malicious code in @zalastax/nolb-_dn (npm)

The package @zalastax/nolb-dn was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:37 a.m.5 views

CVE-2024-11842

The DN Shipping by Weight for WooCommerce WordPress plugin before 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS6.8AI score0.00211EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:2 p.m.5 views

CVE-2025-32535

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Shipping by Weight for WooCommerce dn-shipping-by-weight allows Reflected XSS.This issue affects DN Shipping by Weight for WooCommerce: from n/a through = 1.2...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/04/17 4:15 p.m.4 views

CVE-2025-32535

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Shipping by Weight for WooCommerce dn-shipping-by-weight allows Reflected XSS.This issue affects DN Shipping by Weight for WooCommerce: from n/a through = 1.2...

7.1CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/17 3:47 p.m.10 views

CVE-2025-32535 WordPress DN Shipping by Weight for WooCommerce Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Shipping by Weight for WooCommerce allows Reflected XSS. This issue affects DN Shipping by Weight for WooCommerce: from n/a through 1.2...

7.1CVSS7AI score0.00235EPSS
Exploits0References1
CVE
CVE
added 2025/04/17 3:47 p.m.45 views

CVE-2025-32535

CVE-2025-32535 describes a Reflected XSS in the WordPress plugin Shipping by Weight for WooCommerce (DN Shipping by Weight). Affected versions include up to 1.2; attack vector is network-based with user interaction (REFLECTED XSS). The CVE’s base metrics indicate a HIGH impact on confidentiality,...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.3 views

PT-2025-17106 · Woocommerce · Dn Shipping By Weight For Woocommerce

Name of the Vulnerable Software and Affected Versions: DN Shipping by Weight for WooCommerce versions 1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means an...

7.1CVSS7.3AI score0.00235EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/04/08 1:8 a.m.6 views

389-ds-base: null pointer dereference leads to denial of service

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

4.9CVSS5.7AI score0.00553EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/08 12:15 a.m.19 views

389-ds-base: null pointer dereference leads to denial of service

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

4.9CVSS5.7AI score0.00553EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/03 4:18 p.m.6 views

CVE-2025-31839

Cross-Site Request Forgery CSRF vulnerability in digireturn DN Footer Contacts dn-footer-contacts allows Cross Site Request Forgery.This issue affects DN Footer Contacts: from n/a through = 1.8.1...

4.3CVSS7.2AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 3:16 p.m.4 views

CVE-2025-31839

Cross-Site Request Forgery CSRF vulnerability in digireturn DN Footer Contacts dn-footer-contacts allows Cross Site Request Forgery.This issue affects DN Footer Contacts: from n/a through = 1.8.1...

4.3CVSS0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.2 views

WordPress plugin DN Footer Contacts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS6.1AI score0.00197EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/03/19 2:51 a.m.1 views

SUSE CVE-2025-2487

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

7.5CVSS6.5AI score0.00553EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/03/18 5:15 p.m.2 views

CVE-2025-2487

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

4.9CVSS5.8AI score0.00553EPSS
Exploits0References8Affected Software8
OSV
OSV
added 2025/03/18 5:15 p.m.11 views

CVE-2025-2487

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

4.9CVSS6.6AI score0.00553EPSS
Exploits0References6
CVE
CVE
added 2025/03/18 4:25 p.m.86 views

CVE-2025-2487

CVE-2025-2487 affects the 389-ds-base LDAP server. The vulnerability stems from a path where a Modify DN (MODDN) operation can trigger a NULL pointer dereference when the operation sequence follows a failed operation, allowing a privileged, unauthenticated or authenticated user to cause a Denial ...

4.9CVSS4.9AI score0.00553EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/03/18 12:0 a.m.3 views

PT-2025-11631

Name of the Vulnerable Software and Affected Versions 389-ds-base LDAP Server affected versions not specified Description A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not...

6.8CVSS5.8AI score0.00553EPSS
Exploits0References47
NVD
NVD
added 2025/03/03 2:15 p.m.4 views

CVE-2025-23753

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Sitemap Control dn-sitemap-control allows Reflected XSS.This issue affects DN Sitemap Control: from n/a through = 1.0.6...

7.1CVSS0.00363EPSS
Exploits0References1
Rows per page
Query Builder