Lucene search
K

822 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.3 views

SUSE SLES15: libsoup-2_4-1 / libsoup2-devel / libsoup2-lang / etc (SUSE-SU-2026:0258-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0258-1 advisory. - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. - CVE-2026-0719: Fixed overflow for...

8.6CVSS6.7AI score0.00557EPSS
Exploits0References7
EUVD
EUVD
added 2026/01/23 2:58 a.m.6 views

EUVD-2026-4473

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.5AI score0.0148EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004834)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004834 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it...

7.8CVSS5.3AI score0.0019EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/22 4:52 p.m.4 views

EUVD-2026-3819

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Shortcodes & Performance penci-shortcodes allows DOM-Based XSS.This issue affects Penci Shortcodes & Performance: from n/a through = 6.1...

5.4AI score0.0013EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/01/22 4:8 p.m.5 views

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

9.2CVSS5.5AI score0.00557EPSS
Exploits0References8
OSV
OSV
added 2026/01/22 4:8 p.m.5 views

SUSE-SU-2026:0253-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. - CVE-2026-0719: Fixed overflow for password md4sum bsc1256399...

8.6CVSS5.8AI score0.00557EPSS
Exploits0References5
OSV
OSV
added 2026/01/21 4:13 p.m.6 views

GHSA-FQCV-8859-86X2 CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier

SQL Injection in CustomerTransformerController Summary An error-based SQL Injection vulnerability was identified in the CustomerTransformerController within the CoreShop admin panel. The affected endpoint improperly interpolates user-supplied input into a SQL query, leading to database error...

6.9CVSS6.2AI score0.00381EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/01/21 4:13 p.m.10 views

CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier

SQL Injection in CustomerTransformerController Summary An error-based SQL Injection vulnerability was identified in the CustomerTransformerController within the CoreShop admin panel. The affected endpoint improperly interpolates user-supplied input into a SQL query, leading to database error...

6.9CVSS6.2AI score0.00381EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.8 views

PT-2026-3891

Name of the Vulnerable Software and Affected Versions CoreShop versions prior to 4.1.9 Description An error-based SQL Injection issue exists in the CustomerTransformerController within the CoreShop admin panel. The affected endpoint improperly incorporates user-supplied input into a SQL query,...

6.9CVSS5.9AI score0.00381EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/19 5:2 a.m.5 views

EUVD-2026-3239

A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

9CVSS6AI score0.00855EPSS
Exploits1References5
SUSE Linux
SUSE Linux
added 2026/01/14 1:47 p.m.3 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers bsc1254876. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...

8.3CVSS7AI score0.00496EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/14 12:31 a.m.8 views

EUVD-2026-2609

EUVD-2026-2609...

8.5CVSS6.4AI score0.00185EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

MiracleLinux 8 : libsoup-2.62.3-11.el8_10 (AXSA:2026-026:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-026:01 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...

8.2CVSS5.4AI score0.00496EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/01/13 9:13 p.m.5 views

WordPress WP Duplicate Page plugin <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Post Duplication vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin WP Duplicate Page versions = 1.8...

5.4CVSS6.8AI score0.00227EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/13 11:21 a.m.26 views

CVE-2025-14001 WP Duplicate Page <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication

The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'duplicateBulkHandle' and 'duplicateBulkHandleHPOS' functions in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...

5.4CVSS0.00227EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/13 11:21 a.m.4 views

CVE-2025-14001 WP Duplicate Page <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication

The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'duplicateBulkHandle' and 'duplicateBulkHandleHPOS' functions in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...

5.4CVSS4.9AI score0.00227EPSS
Exploits0References4
CVE
CVE
added 2026/01/13 11:21 a.m.17 views

CVE-2025-14001

CVE-2025-14001 relates to the WordPress plugin WP Duplicate Page (versions

5.4CVSS4.9AI score0.00227EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 11:11 a.m.10 views

CVE-2016-10840

cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication SEC-72...

9CVSS7.8AI score0.02058EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.12 views

CVE-2024-41565

JustEnoughItems JEI 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication...

5.3CVSS6.8AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:4 a.m.5 views

CVE-2024-41564

EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication...

5.3CVSS6.8AI score0.00266EPSS
Exploits0References1
Rows per page
Query Builder