Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.8 views

CVE-2026-5337

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References1
Snyk
Snyk
added 2025/09/15 7:39 a.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
NCSC
NCSC
added 2025/04/17 7:11 a.m.7 views

Vulnerability fixed in Cisco Webex App

Cisco has fixed a vulnerability in the Cisco Webex App. The vulnerability is in the way the Cisco Webex App handles its custom URL parser. Unauthenticated remote malicious actors can exploit this vulnerability to trick users into downloading arbitrary files, which can lead to unauthorized command...

8.8CVSS7AI score0.00939EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 1:33 p.m.19 views

CVE-2024-11693

The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

0.00833EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/24 7:47 a.m.16 views

CVE-2024-6049 Unauthenticated Path Traversal

The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...

7.3AI score0.04325EPSS
Exploits1References2
Prion
Prion
added 2023/10/25 6:17 p.m.28 views

Command injection

The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...

4.3CVSS6.9AI score0.00863EPSS
Exploits0References4Affected Software3
RedHat Linux
RedHat Linux
added 2023/08/01 8:55 a.m.49 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

5.9CVSS6.6AI score0.02211EPSS
Exploits2References3
OSV
OSV
added 2023/08/01 12:0 a.m.41 views

ALSA-2023:4354 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: IDN wildcard match may lead to Improper Cerificate Validation CVE-2023-28321 curl: more POST-after-PUT confusion...

5.9CVSS7AI score0.02211EPSS
Exploits2References6
Debian CVE
Debian CVE
added 2023/06/02 12:0 a.m.36 views

CVE-2023-25729

Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already...

8.8CVSS8.4AI score0.00681EPSS
Exploits0
OSV
OSV
added 2023/05/16 12:0 a.m.30 views

ALSA-2023:2963 Low: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP pro...

5.9CVSS7.1AI score0.02511EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2023/05/09 11:16 a.m.43 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

5.9CVSS6.7AI score0.01607EPSS
Exploits1References2
Prion
Prion
added 2023/05/08 9:15 p.m.18 views

Path traversal

AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request...

5CVSS7.6AI score0.00701EPSS
Exploits0References1Affected Software1
Rockylinux
Rockylinux
added 2023/02/22 1:8 a.m.33 views

curl bug fix and enhancement update

An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The curl packages provide the libcurl library and the curl utility for downloadi...

0.6AI score
Exploits0
OSV
OSV
added 2023/01/23 2:30 p.m.29 views

RLSA-2023:0333 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: POST following PUT confusion CVE-2022-32221 For more details about the security issues, including the impact, a CVSS...

4.8CVSS7.9AI score0.04325EPSS
Exploits1References2
OSV
OSV
added 2023/01/23 12:0 a.m.53 views

ALSA-2023:0333 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: POST following PUT confusion CVE-2022-32221 For more details about the security issues, including the impact, a CVSS...

9.8CVSS7.9AI score0.04325EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/11/15 3:3 p.m.38 views

Low: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.5CVSS6.7AI score0.02794EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2022/11/15 12:0 a.m.42 views

Low: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: bad local IPv6 connection reuse CVE-2022-27775 For more details about the security issues, including the impact, a CV...

7.5CVSS7.7AI score0.02794EPSS
Exploits1References4
Wordfence Blog
Wordfence Blog
added 2022/06/15 12:0 p.m.18 views

Top Five Attacking IPs This Month: Their Locations May Not Be Where You Think

At Wordfence, we see large amounts of threat actor data, and often that data tells unexpected stories. Taking a look at just the top five attacking IP addresses over a 30 day period, you might be surprised to find out where these attacks are originating, and what they are doing. When most people...

Exploits0
RedHat Linux
RedHat Linux
added 2021/11/02 9:6 a.m.86 views

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS6.8AI score0.04224EPSS
Exploits2References3
OSV
OSV
added 2021/11/02 7:49 a.m.36 views

RLSA-2021:4059 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols CVE-2021-22946 curl: Server responses...

7.5CVSS7AI score0.04224EPSS
Exploits2References3
Rows per page
Query Builder