Lucene search
K

177 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 11:48 p.m.7 views

CVE-2026-41714 In Spring AMQP the RabbitConnectionFactoryBean.setUri("amqps://...") bypasses secure SSL setup, uses TrustEverythingTrustManager

Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri"amqps://..." without also calling setUseSSLtrue get TLS encryption with no certificate validation and no hostname verification. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1....

4CVSS5.4AI score0.00132EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:45 a.m.8 views

Malicious code in kyxserver-everything (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be104f8e720927f9b7ea1bb3d036db80ffa6b65c8b7f0a6c8af29d1d4631f43 The package kyxserver-everything was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/20 4:45 a.m.3 views

MAL-2026-1955 Malicious code in kyxserver-everything (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be104f8e720927f9b7ea1bb3d036db80ffa6b65c8b7f0a6c8af29d1d4631f43 The package kyxserver-everything was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/03/02 12:0 a.m.3 views

Comparison of Credential Management Systems Based on the Standards of IEEE, ETSI, and YD/T 3957-2021

As V2X Vehicle-to-Everything technology becomes increasingly prevalent, the security of V2X networks has garnered growing attention worldwide. In North America, the IEEE 1609 series standards are primarily used, while Europe adopts the ETSI series standards, and China has also established its...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.7 views

CVE-2026-27057

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...

6.5CVSS5.5AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.8 views

CVE-2026-27057

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...

6.5CVSS0.0013EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:27 a.m.16 views

CVE-2026-27057

CVE-2026-27057 concerns the WordPress plugin Penci Filter Everything by PenciDesign (versions

6.5CVSS5.4AI score0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:27 a.m.3 views

CVE-2026-27057

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...

5.5AI score0.0013EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 8:27 a.m.31 views

CVE-2026-27057 WordPress Penci Filter Everything plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...

6.5CVSS0.0013EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.8 views

PT-2026-20763

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Filter Everything penci-filter-everything allows Stored XSS.This issue affects Penci Filter Everything: from n/a through = 1.7...

5.5AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.6 views

CVE-2026-24371

Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...

4.3CVSS5.4AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.4 views

CVE-2026-24371

Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...

4.3CVSS0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.20 views

CVE-2026-24371 WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...

4.3CVSS0.00155EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.2 views

CVE-2026-24371

Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...

9.8CVSS5.3AI score0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2026-24371 WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through = 1.8.16...

4.3CVSS5.9AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.15 views

CVE-2026-24371

CVE-2026-24371 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin BA Book Everything (ba-book-everything) affecting versions up to 1.8.16. The RedHat/NVD entries describe an access-control weakness allowing exploitation via misconfigured security levels. The ...

4.3CVSS5.4AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.4 views

WordPress plugin BA Book Everything security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/11 7:45 p.m.7 views

WordPress Penci Filter Everything plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions = 1.7...

6.5CVSS5.4AI score0.0013EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/08 6:46 p.m.6 views

WordPress BA Book Everything plugin <= 1.8.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin BA Book Everything versions = 1.8.16...

9.8CVSS5.4AI score0.00155EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/12/19 9:30 a.m.3 views

EUVD-2025-204470

The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's babe-search-form shortcode in all versions up to, and including, 1.8.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.7AI score0.00155EPSS
Exploits0References3
Rows per page
Query Builder