Lucene search
+L

328 matches found

Vulnrichment
Vulnrichment
added 2026/02/07 5:52 a.m.4 views

CVE-2025-12803 Bold Builder <= 5.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_tabs Shortcode

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'btbbtabs' shortcode in all versions up to, and including, 5.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.7AI score0.00245EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.5 views

CVE-2026-25487

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator's browser. This occurs because the Tax Rates 'Name' field in the...

6.1CVSS5.5AI score0.00261EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.7 views

PT-2026-6058

Name of the Vulnerable Software and Affected Versions Hillstone Networks Operation and Maintenance Security Gateway versions V5.5ST00001B113 Hillstone Networks Security Gateway version V5.5 Description The software contains a flaw related to unrestricted file uploads, potentially allowing an...

2.7CVSS5.4AI score0.00311EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.12 views

PT-2026-6294

Name of the Vulnerable Software and Affected Versions Craft Commerce versions 4.0.0-RC1 through 4.10.0 Craft Commerce versions 5.0.0 through 5.5.1 Description Craft Commerce, an ecommerce platform for Craft CMS, contains a stored cross-site scripting XSS issue. The issue resides in the Shipping...

6.2CVSS5.5AI score0.00261EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 7 : mariadb-5.5.68-1.el7 (AXSA:2020-660:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-660:02 advisory. mysql: Server: Optimizer unspecified vulnerability CPU Oct 2019 CVE-2019-2974 mysql: C API unspecified vulnerability CPU Apr 2020 CVE-2020-2752 mysql...

6.5CVSS7.2AI score0.03726EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.10 views

MiracleLinux 4 : mysql55-mysql-5.5.50-1.AXS4 (AXSA:2016-581:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-581:02 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...

7.2CVSS7AI score0.30146EPSS
Exploits6References27
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : mariadb-5.5.64-1.el7 (AXSA:2019-4127:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4127:01 advisory. mysql: MyISAM unspecified vulnerability CPU Jul 2018 CVE-2018-3058 mysql: Server: Security: Privileges unspecified vulnerability CPU Jul 2018...

6.5CVSS6.6AI score0.0461EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004000 advisory. There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high...

6.5CVSS6.8AI score0.00359EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 3 : tomcat5-5.5.23-0jpp.40.0.1.AXS3 (AXSA:2013-538:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-538:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet...

6.9CVSS7.6AI score0.00372EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001346)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001346 advisory. A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when...

4.9CVSS6.3AI score0.00242EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.16 views

MiracleLinux 7 : mysql55-mysql-5.5.50-1.el7 (AXSA:2016-579:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-579:01 advisory. Security issues fixed with this release: CVE-2015-4792 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier...

8.1CVSS6.7AI score0.30146EPSS
Exploits6References41
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004449 advisory. A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules...

4.4CVSS6.4AI score0.00277EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003846 advisory. In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack...

5.4CVSS6.5AI score0.00962EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : php55-php-5.5.21-5.el7 (AXSA:2016-632:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-632:01 advisory. Security issues fixed with this release: CVE-2016-5385 PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore...

8.1CVSS7.2AI score0.50427EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.8 views

MiracleLinux 3 : tomcat5-5.5.23-0jpp.22.0.1.AXS3 (AXSA:2012-53:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-53:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java...

5CVSS5.9AI score0.10228EPSS
Exploits3References5
NVD
NVD
added 2026/01/13 5:15 p.m.5 views

CVE-2025-46684

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information Tampering...

6.6CVSS0.00095EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 4:36 p.m.27 views

CVE-2025-46685

Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.5CVSS0.00089EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

Dell SupportAssist OS Recovery 安全漏洞

Dell SupportAssist OS Recovery is a Dell USA company that provides a recovery environment that contains tools for diagnosing and resolving problems that may occur before the computer boots into the operating system. A security vulnerability exists in Dell SupportAssist OS Recovery versions prior ...

7.8CVSS5.8AI score0.00089EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.5 views

CVE-2021-27581

The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter...

9.8CVSS8AI score0.01632EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.9 views

CVE-2020-7198

There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2...

8.8CVSS7.6AI score0.0203EPSS
Exploits0References1
Rows per page
Query Builder