Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

CNNVD
CNNVDadded 2026/05/21 12:0 a.m.5 views

WordPress plugin Avada (Fusion) Builder 注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

9.8CVSS6.1AI score0.00138EPSS
Exploits2References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2025-32134

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00038EPSS
Exploits3References3
OSV
OSVadded 2025/10/02 2:15 p.m.3 views

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

6.5CVSS8.4AI score0.00038EPSS
Exploits3References2
NVD
NVDadded 2025/10/02 2:15 p.m.4 views

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

6.5CVSS0.00038EPSS
Exploits3References2
CVE
CVEadded 2025/10/02 12:0 a.m.12 views

CVE-2025-56380

CVE-2025-56380 affects Frappe Framework/ERPNext codebase (Frappe v15.72.4; ERPNext v15.67.0) via a SQL injection in the fieldname parameter of the frappe.client.get_value API endpoint. The vulnerability arises from unsafe concatenation of user input into SQL within the /api/method/frappe.client.g...

6.5CVSS8AI score0.00038EPSS
Exploits3References2Affected Software2
Cvelist
Cvelistadded 2025/10/02 12:0 a.m.5 views

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

0.00038EPSS
Exploits3References2
OSV
OSVadded 2021/01/13 12:1 a.m.16 views

OSV-2018-159 Use-of-uninitialized-value in AAT::LookupFormat8<OT::IntType<unsigned short, 2u> >::get_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10953 Crash type: Use-of-uninitialized-value Crash state: AAT::LookupFormat8 ::getvalue AAT::Lookup ::getvalue AAT::StateTable::getclass...

7.2AI score
Exploits0References1
exploitpack
exploitpackadded 2015/12/16 12:0 a.m.18 views

Wireshark - memcpy get_value dissect_btatt SIGSEGV

Wireshark - memcpy getvalue dissectbtatt SIGSEGV Source: https://code.google.com/p/google-security-research/issues/detail?id=653 The following SIGSEGV crash due to an invalid memory write can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$...

7.4AI score
Exploits0
0day.today
0day.todayadded 2015/12/16 12:0 a.m.48 views

Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=653 The following SIGSEGV crash due to an invalid memory write can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$...

4.3CVSS5.7AI score0.00597EPSS
Exploits1
Rows per page
Query Builder