Lucene search
K

13 matches found

CVE
CVE
added 2026/05/30 9:29 a.m.39 views

CVE-2026-7459

The CVE concerns the Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress (

7.5CVSS5.8AI score0.00593EPSS
Exploits1References12
OSV
OSV
added 2026/05/29 3:59 p.m.9 views

GHSA-PJWM-PJ3P-43MV axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)

Summary shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe still routes through the...

8.6CVSS6.6AI score0.01186EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/01/08 3:14 a.m.4 views

CVE-2025-46696

Dell Secure Connect Gateway SCG 5.0 Appliance and Application, versions versions 5.26 to 5.30, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.4CVSS6.3AI score0.00099EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 3:15 p.m.5 views

CVE-2025-46696

Dell Secure Connect Gateway SCG 5.0 Appliance and Application, versions versions 5.26 to 5.30, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.7CVSS0.00099EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/06 3:1 p.m.5 views

CVE-2025-46696

Dell Secure Connect Gateway SCG 5.0 Appliance and Application, versions versions 5.26 to 5.30, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.4CVSS6AI score0.00099EPSS
Exploits0References1
CVE
CVE
added 2025/10/18 6:42 a.m.30 views

CVE-2025-11517

CVE-2025-11517 affects the WordPress plugin “Event Tickets and Registration” (

7.5CVSS5.6AI score0.0037EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.6 views

Baicells EG7035E-M11 跨站脚本漏洞

The Baicells EG7035E-M11 is an LTE base station from Baicells. A cross-site scripting vulnerability exists in the Baicells EG7035E-M11 BaiCEBM2.5.26NA version, which stems from improper input neutralization could lead to a cross-site scripting attack...

6.1CVSS6AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2023/10/12 5:15 p.m.3 views

DEBIAN-CVE-2023-45143

Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not clear Cookie headers. By design, cookie headers are forbidden request headers, disallowing them to be set in...

3.5CVSS6.2AI score0.01223EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.5 views

Western Digital My Cloud 操作系统命令注入漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5 prior to version 5.26.119, which stems from an operating system command injection vulnerability that can be exploited by an attacker to remotely execu...

9.8CVSS8.5AI score0.01483EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.2 views

SUSE CVE-2018-6797

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written...

4CVSS9.5AI score0.07425EPSS
Exploits0References24
OSV
OSV
added 2020/04/15 7:15 p.m.6 views

CVE-2019-20660

Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30...

4.8CVSS5.8AI score0.00439EPSS
Exploits0References1
OSV
OSV
added 2018/10/29 12:29 p.m.4 views

CVE-2018-18748

Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system"cmd" or os.system"powershell", within a .py file. NOTE: the vendor disputes this issue because the observed behavior is consistent with the product's intended functionality...

10CVSS5.8AI score0.02428EPSS
Exploits1References2
OSV
OSV
added 2018/04/14 12:0 a.m.5 views

UBUNTU-CVE-2018-6798

An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure...

7.5CVSS7.3AI score0.04005EPSS
Exploits0References3
Rows per page
Query Builder