Lucene search
K

22 matches found

Amd
Amd
added 2025/06/10 12:0 a.m.10 views

Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor

CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2023-20599| 7.9 High CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto...

7.9CVSS7.1AI score0.00157EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/04/29 12:0 a.m.16 views

Mozilla Firefox Security Advisory (MFSA2025-28) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2025-28. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

9.1CVSS6.7AI score0.00534EPSS
Exploits0References10
Packet Storm
Packet Storm
added 2025/04/07 12:0 a.m.163 views

📄 YesWiki 4.5.1 Path Traversal

YesWiki version 4.5.1 suffers from an unauthenticated path traversal vulnerability. Exploit Title: YesWiki 4.5.2 - Unauthenticated Path Traversal Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-31131 Vendor Homepage: https://yeswiki.net/ Software Link:...

8.6CVSS9.1AI score0.05366EPSS
Exploits6
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.130 views

Chamilo LMS 1.11.24 Shell Upload

Chamilo LMS versions 1.11.24 and below remote shell upload exploit. Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version:...

8.1CVSS7.5AI score0.76084EPSS
Exploits27
Exploit DB
Exploit DB
added 2025/03/18 12:0 a.m.364 views

Chamilo LMS 1.11.24 - Remote Code Execution (RCE)

Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version: 1.11.24 Beersel Tested Versions: 1.11.24 Beersel - August 31, 2023...

8.1CVSS7AI score0.76084EPSS
Exploits27
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2024:0817-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.01433EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2025/02/20 12:0 a.m.386 views

LTL Freight Quotes – Estes Edition 3.3.7 SQL Injection

LTL Freight Quotes – Estes Edition versions 3.3.7 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2024-13488 LTL Freight Quotes – Estes Edition = 3.3.7 - Unauthenticated SQL Injection Description The LTL Freight Quotes – Estes Edition plugin for WordPress is...

7.5CVSS8.8AI score0.01059EPSS
Exploits3
0day.today
0day.today
added 2025/02/20 12:0 a.m.235 views

LTL Freight Quotes – SAIA Edition 2.2.10 SQL Injection Vulnerability

CVE-2024-13483 LTL Freight Quotes – SAIA Edition = 5.6 AND error-based - WHERE, HAVING...

7.5CVSS6.8AI score0.00736EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/02/20 12:0 a.m.338 views

LTL Freight Quotes – Old Dominion Edition 4.2.10 SQL Injection

LTL Freight Quotes – Old Dominion Edition versions 4.2.10 and below suffer from an unauthenticated remote SQL injection vulnerability. CVE-2024-13489 LTL Freight Quotes – Old Dominion Edition = 4.2.10 - Unauthenticated SQL Injection Description The LTL Freight Quotes – Old Dominion Edition plugin...

7.5CVSS8.4AI score0.0073EPSS
Exploits3
0day.today
0day.today
added 2025/02/20 12:0 a.m.306 views

LTL Freight Quotes – Estes Edition 3.3.7 SQL Injection Vulnerability

CVE-2024-13488 LTL Freight Quotes – Estes Edition = 5.6 AND error-based - WHERE, HAVING...

7.5CVSS9.6AI score0.01059EPSS
Exploits3
Talos
Talos
added 2025/02/11 12:0 a.m.9 views

NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-2080 NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0142 SUMMARY A memory corruption vulnerability exists in the Image Decoding functionality of NVIDIA nvJPEG2000 0.8.0. A specially crafted .jp2 file can lead to...

6.8CVSS7.1AI score0.00629EPSS
Exploits0
0day.today
0day.today
added 2025/01/15 12:0 a.m.246 views

WordPress ARPrice 4.0.3 PHP Object Injection Vulnerability

CVE-2024-49699 ARPrice...

8.8CVSS8.9AI score0.0076EPSS
Exploits3
0day.today
0day.today
added 2025/01/15 12:0 a.m.155 views

WordPress SuperBackup 2.3.3 Missing Authorization Vulnerability

CVE-2024-56067 WP SuperBackup = 2.3.3 - Missing Authorization to Unauthenticated Back-Up File Download Description The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and...

7.5CVSS7.1AI score0.10034EPSS
Exploits2
Talos
Talos
added 2025/01/14 12:0 a.m.22 views

Wavlink AC3000 fw_check.sh Firmware Upload vulnerability

Talos Vulnerability Report TALOS-2024-2037 Wavlink AC3000 fwcheck.sh Firmware Upload vulnerability January 14, 2025 CVE Number CVE-2024-39273 SUMMARY A firmware update vulnerability exists in the fwcheck.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can...

9CVSS6.7AI score0.01046EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.6 views

PT-2024-9328

Name of the Vulnerable Software and Affected Versions Windows Lightweight Directory Access Protocol LDAP versions prior to the fixed version Description The vulnerability is related to an integer overflow in the Windows Lightweight Directory Access Protocol LDAP service, allowing remote attackers...

10CVSS10AI score0.70906EPSS
Exploits3References153
Tibco
Tibco
added 2024/11/19 6:46 p.m.18 views

TIBCO Security Advisory: November 19, 2024 - TIBCO API Exchange Gateway - CVE-2024-10514

TIBCO APIX - XML External Entity XXE Injection Vulnerability Original release date: November 19, 2024 Last revised: --- CVE-2024-10514 Source: TIBCO Software Inc. Products Affected TIBCO API Exchange Gateway 2.4.0 and 2.5.0 Component Affected API Exchange Gateway Description The TIBCO API Exchang...

7.3AI score
Exploits0
Hacker One
Hacker One
added 2024/10/08 5:25 a.m.21 views

MTN Group: Information disclosure due to debug mode enabled at Laravel instance https://mpos.mtn.co.sz/

The Laravel framework contained a vulnerability known as CVE-2021-3129, which allowed remote code execution due to unsafe usage of PHP in the Ignition debug module. This vulnerability was relatively easy to exploit and did not require user authentication, resulting in a high CVSS score of 9.8. Th...

9.8CVSS8.3AI score0.99943EPSS
Exploits36
Packet Storm
Packet Storm
added 2023/09/05 12:0 a.m.341 views

WordPress WP Statistics 13.1.5 SQL Injection

Exploit Title: WP Statistics Plugin = 13.1.5 currentpageid - Time based SQL injection Unauthenticated Date: 13/02/2022 Exploit Author: psychoSherlock Vendor Homepage: https://wp-statistics.com/ Software Link: https://downloads.wordpress.org/plugin/wp-statistics.13.1.5.zip Version: 13.1.5 and prio...

9.8CVSS7.1AI score0.81363EPSS
Exploits4
Intel
Intel
added 2022/08/09 12:0 a.m.23 views

Intel® IPP Cryptography Advisory

Summary: A potential security vulnerability in an Intel® Integrated Performance Primitives IPP Cryptography software library may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26083 Description:...

7.5CVSS7.1AI score0.00176EPSS
Exploits0
The Hacker News
The Hacker News
added 2014/10/09 11:41 p.m.20 views

Authentication Flaw in PayPal mobile API Allows Access to Blocked Accounts

.jpg Payment services provider PayPal is vulnerable to an authentication restriction bypass vulnerability, which could allow an attacker to bypass a filter or restriction of the online-service to get unauthorized access to a blocked users’ PayPal account. The security vulnerability actually resid...

6.8AI score
Exploits0
Rows per page
Query Builder