3786 matches found

Tenable Nessus
added 2025/03/06 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-21733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix resetting of tracepoints If a timerlat tracer is started with the osnoi...

5.5 CVSS | 6.2 AI score | 0.00178 EPSS
Exploits: 0 | References: 3

CVE
added 2025/03/05 11:22 a.m. | 46 views

CVE-2024-13471

CVE-2024-13471 affects DesignThemes Core Features for WordPress prior to patch/fix. The vulnerability arises from a missing capability check in dt_process_imported_file, allowing unauthenticated attackers to read arbitrary files on the server. Affected versions are DesignThemes Core Features

7.5 CVSS | 7.1 AI score | 0.00498 EPSS
Exploits: 0 | References: 2

Cvelist
added 2025/03/05 11:22 a.m. | 11 views

CVE-2024-13471 DesignThemes Core Features <= 4.7 - Missing Authorization to Unauthenticated Arbitrary File Read via dt_process_imported_file

The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dt_process_imported_file function in all versions up to, and including, 4.7. This makes it possible for unauthenticated attackers to read arbitrary files on the...

7.5 CVSS | 0.00498 EPSS
Exploits: 0 | References: 2

CNNVD
added 2025/03/05 12:0 a.m. | 2 views

WordPress plugin DesignThemes Core Features path traversal vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A path traversal vulnerability exists in WordPress plugin...

7.5 CVSS | 8.7 AI score | 0.00498 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-45017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec RoCE MPV trace call Prevent the call trace below from happening, by not...

5.5 CVSS | 5.6 AI score | 0.00183 EPSS
Exploits: 0 | References: 3

Patchstack
added 2025/03/04 11:22 p.m. | 4 views

WordPress DesignThemes Core Features plugin <= 4.7 - Missing Authorization to Unauthenticated Arbitrary File Read via dt_process_imported_file vulnerability

Missing Authorization to Unauthenticated Arbitrary File Read via dt_process_imported_file vulnerability discovered by Tonn in WordPress Plugin DesignThemes Core Features versions <= 4.7...

7.5 CVSS | 7 AI score | 0.00498 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2025/03/04 4:53 p.m. | 68 views

CVE-2025-27156

Tuleap CVE-2025-27156 affects the mass emailing feature, where HTML content in emails is not sanitized, enabling content injection that could facilitate phishing or indirect exploitation of recipients’ mail clients. Affected versions include Tuleap Community Edition prior to 16.4.99.1740567344 an...

5.4 CVSS | 4.4 AI score | 0.00242 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2025/03/04 4:53 p.m. | 15 views

CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

4.1 CVSS | 6.7 AI score | 0.00242 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/03/04 8:1 a.m. | 26 views

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8 CVSS | 7.4 AI score | 0.02679 EPSS
Exploits: 0 | References: 2

Spring Security Advisories
added 2025/03/04 12:0 a.m. | 8 views

Spring gRPC 0.4.0 for great good!

NB: you can find the working code for this blog here. There's a new release of the amazing—if experimental—Spring gRPC project: version 0.4.0. I won't get into the nitty-gritty of all that's new, but I just wanted to highlight how elated I am to use it and walk you through the step-by-step path t...

7.4 AI score
Exploits: 0

RedHat Linux
added 2025/03/03 4:37 p.m. | 32 views

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8 CVSS | 7.4 AI score | 0.02679 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2025/03/03 1:48 a.m. | 15 views

Important: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8 CVSS | 7.4 AI score | 0.02679 EPSS
Exploits: 0 | References: 2

CNVD
added 2025/02/28 12:0 a.m. | 2 views

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability (CNVD-2025-23063)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A security feature bypass vulnerability exists in Microsoft Edge (Chromium-based), which can be exploited by attackers to bypass certain features...

4.5 CVSS | 6.5 AI score | 0.00313 EPSS
Exploits: 0 | References: 1

MongoDB
added 2025/02/27 1:15 p.m. | 31 views

MongoDB Shell may be susceptible to local privilege escalation in Windows

mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\nodemodules. This issue affects mongosh prior to 2.3.0...

7.8 CVSS | 6.6 AI score | 0.00135 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2025/02/27 12:0 a.m. | 13 views

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for Maven (SUSE-SU-2025:0719-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0719-1 advisory. maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: - Key changes across versions: Bug...

9 CVSS | 6.8 AI score | 0.22709 EPSS
Exploits: 0 | References: 3

CNNVD
added 2025/02/27 12:0 a.m. | 3 views

Memos security vulnerability

Memos is an open source hosted meme center with knowledge management and social features. A security vulnerability exists in Memos version 0.23.0 that stems from insufficient user-supplied URL validation, which could lead to an SSRF attack...

9.8 CVSS | 6.3 AI score | 0.02818 EPSS
Exploits: 1 | References: 4

Debian CVE
added 2025/02/26 1:56 a.m. | 7 views

CVE-2022-49273

In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The clearing of the alarm feature bit was being done prior to allocations of ldata-rtc device, resulting in a...

5.5 CVSS | 5.4 AI score | 0.0024 EPSS
Exploits: 0

GithubExploit
added 2025/02/25 8:26 a.m. | 590 views

Exploit for CVE-2025-23942

WP Load Gallery Exploit CVE-2025-23942 📌 Description Unr...

9.1 CVSS | 8 AI score | 0.02622 EPSS
Exploits: 1

Tenable Nessus
added 2025/02/25 12:0 a.m. | 3 views

Magento Installed Packages

Binary data adobemagentopackageenum.nbin...

7.3 AI score
Exploits: 0

Fedora
added 2025/02/22 1:29 a.m. | 7 views

[SECURITY] Fedora 40 Update: proftpd-1.3.8c-3.fc40

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

7.5 CVSS | 6.3 AI score | 0.01064 EPSS
Exploits: 0