Lucene search
K

5161 matches found

Nuclei
Nuclei
added yesterday81 views

Duplicate Page WordPress - Stored Cross-Site Scripting

Duplicate Page WordPress plugin = 4.4.2 contains a stored cross-site scripting caused by unsanitized Duplicate Post Suffix settings in output, letting high privilege users execute malicious scripts, exploit requires high privilege user role. id: CVE-2021-24681 info: name: Duplicate Page WordPress...

4.8CVSS6.1AI score0.0087EPSS
Exploits2References3
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42712

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS5.9AI score0.00417EPSS
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-57024

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS0.00417EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-57024

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS5.9AI score0.00417EPSS
Exploits0References2Affected Software1
NVD
NVD
added 6 days ago8 views

CVE-2026-54779

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay protection is inoperative because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captur...

5.9CVSS0.00268EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42300

js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem to perform a linear duplicate-key scan on every insertion, causing On^2 CPU consumption when yaml.load parses a crafted ordered-map...

5.3CVSS6AI score0.00358EPSS
Exploits1References3
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-59870

js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem to perform a linear duplicate-key scan on every insertion, causing On^2 CPU consumption when yaml.load parses a crafted ordered-map...

7.5CVSS6.5AI score0.00358EPSS
Exploits1
OSV
OSV
added 2026/07/02 7:46 p.m.4 views

GHSA-HHM7-QRV5-H4R6 Zebra: Repeated Non-Finalized Shielded Transaction Aborts Zebra Before Duplicate-Nullifier Rejection

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node processes blocks past the checkpoint height non-finalized state is active. 3. The network has NU5 or later activated. All default configurations are affected. Summary Chain::push in the non-finalized sta...

5.9CVSS5.7AI score
Exploits0References5
NVD
NVD
added 2026/07/02 5:17 p.m.8 views

CVE-2026-50281

Craft CMS is a content management system CMS. Versions 5.7.0 and above, prior to 5.9.21 contain a mass-assignment flaw in the bulk-duplicate element action. An attacker who is only able to duplicate their own entires can submit an arbitrary id through the newAttributes request parameter. The...

7.1CVSS0.00253EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/02 4:2 p.m.35 views

CVE-2026-50281 Craft CMS: Mass assignment via id in newAttributes during bulk duplicate overwrites existing elements

Craft CMS is a content management system CMS. Versions 5.7.0 and above, prior to 5.9.21 contain a mass-assignment flaw in the bulk-duplicate element action. An attacker who is only able to duplicate their own entires can submit an arbitrary id through the newAttributes request parameter. The...

7.1CVSS0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 4:2 p.m.7 views

EUVD-2026-41409

Craft CMS is a content management system CMS. Versions 5.7.0 and above, prior to 5.9.21 contain a mass-assignment flaw in the bulk-duplicate element action. An attacker who is only able to duplicate their own entires can submit an arbitrary id through the newAttributes request parameter. The...

7.1CVSS5.9AI score0.00253EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 4:2 p.m.8 views

CVE-2026-50281

Craft CMS is a content management system CMS. Versions 5.7.0 and above, prior to 5.9.21 contain a mass-assignment flaw in the bulk-duplicate element action. An attacker who is only able to duplicate their own entires can submit an arbitrary id through the newAttributes request parameter. The...

7.1CVSS5.9AI score0.00253EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/02 4:2 p.m.18 views

CVE-2026-50281

Craft CMS vulnerability CVE-2026-50281 affects versions 5.7.0 through 5.9.20. A mass-assignment flaw in the bulk-duplicate element action allows an attacker who can duplicate their own entries to submit an arbitrary id via the newAttributes parameter. The duplication flow clones the source elemen...

7.1CVSS5.9AI score0.00253EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.6 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 10:17 a.m.7 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2026.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation released in June 2026. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM...

9.8CVSS8.2AI score0.01815EPSS
Exploits5Affected Software2
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.8 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:54 a.m.4 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.5 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 10:49 p.m.3 views

GHSA-M34P-749J-X6M6 js-toml has silent type confusion via falsy-primitive duplicate-key bypass

Summary js-toml's interpreter checks whether a key already exists in a parser-built container with if objectkey instead of if key in object. When the prior value is a falsy primitive — false, 0, 0n, 0.0, -0, or "" — the duplicate-key branch is skipped and the value is silently overwritten by a...

5.3CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder