Lucene search
+L

92 matches found

Vulnrichment
Vulnrichment
added 2025/11/26 6:0 a.m.3 views

CVE-2025-12061 Tax Service Electronic HDM < 1.2.1 - Unauthenticated Arbitrary SQL Execution

The TAX SERVICE Electronic HDM WordPress plugin before 1.2.1 does not authorization and CSRF checks in an AJAX action, allowing unauthenticated users to import and execute arbitrary SQL statements...

7.5AI score0.00158EPSS
Exploits0References1
CVE
CVE
added 2025/11/26 6:0 a.m.25 views

CVE-2025-12061

The CVE-2025-12061 entry concerns the TAX SERVICE Electronic HDM WordPress plugin prior to 1.2.1. Concretely, the vulnerability is a lack of authorization and CSRF checks in an AJAX action, enabling unauthenticated users to import and execute arbitrary SQL statements. This affects plugin versions...

8.6CVSS7.5AI score0.00158EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.6 views

WordPress plugin TAX SERVICE Electronic HDM 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in WordPress TAX SERVICE Electronic HDM, which stems from a lack of authorization and CSRF checks in AJAX operations. An attacker...

8.6CVSS6.5AI score0.00158EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/26 12:0 a.m.10 views

PT-2025-48130

Name of the Vulnerable Software and Affected Versions TAX SERVICE Electronic HDM WordPress plugin versions prior to 1.2.1 Description The TAX SERVICE Electronic HDM WordPress plugin does not perform authorization and Cross-Site Request Forgery CSRF checks in an AJAX action. This allows...

8.6CVSS7.3AI score0.00158EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.4 views

PT-2025-49050

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the MOST Media Over Serial Transport USB subsystem, specifically in the hdm disconnect function. This function, when called, can lead to a...

4.4CVSS6.5AI score0.00179EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.14 views

PT-2025-51662

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to the hdm probe function within the most USB subsystem. An early error path in hdm probe could call put device before the device was fully...

4.6CVSS7.5AI score0.00167EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 4:3 a.m.7 views

CVE-2024-54261

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...

10CVSS7.3AI score0.00639EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/13 2:24 p.m.11 views

CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...

10CVSS8.9AI score0.00639EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:24 p.m.44 views

CVE-2024-54261

CVE-2024-54261 is a SQL Injection vulnerability affecting the WordPress plugin TAX SERVICE Electronic HDM (HK Digital Agency LLC) with affected versions from n/a up to 1.1.2. Public sources indicate a patched version release to address this issue (e.g., WordPress CVE entry and Patchstack referenc...

10CVSS7.3AI score0.00639EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:24 p.m.22 views

CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...

10CVSS0.00639EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.4 views

WordPress plugin TAX SERVICE Electronic HDM SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability...

10CVSS8.6AI score0.00639EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/06 12:49 p.m.4 views

WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter in WordPress Plugin TAX SERVICE Electronic HDM versions = 1.2.2...

10CVSS8.1AI score0.00639EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2024/06/08 3:1 a.m.4 views

SUSE CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References23
NVD
NVD
added 2024/05/21 4:15 p.m.28 views

CVE-2022-48707

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/04/04 12:33 a.m.22 views

CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

4.4CVSS6.6AI score0.00236EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/03 5:15 p.m.32 views

CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

5.5CVSS6.3AI score0.00236EPSS
Exploits0References6
OSV
OSV
added 2024/04/03 5:15 p.m.3 views

UBUNTU-CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

5.5CVSS6.6AI score0.00236EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/04/03 5:0 p.m.17 views

CVE-2024-26761 cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

6.5AI score0.00236EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/04/03 5:0 p.m.28 views

CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

5.5CVSS7.1AI score0.00236EPSS
Exploits0
Cvelist
Cvelist
added 2024/04/03 5:0 p.m.49 views

CVE-2024-26761 cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

7.5AI score0.00236EPSS
Exploits0References4
Rows per page
Query Builder