Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/04/07 3:49 p.m.2 views

CVE-2026-35567

...

5.9AI score0.00047EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/02 12:0 a.m.4 views

Poisoned at Scale: a Scalable Audit Uncovers Hidden Scam Endpoints in Production LLMs

Large Language Models LLMs have become critical to modern software development, but their reliance on internet datasets for training introduces a significant security risk: the absorption and reproduction of malicious content. To evaluate this threat, this paper introduces a scalable, automated...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:6 a.m.10 views

CVE-2023-6737

The Enable Media Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the SHORTPIXELDEBUG parameter in all versions up to, and including, 4.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6.3AI score0.00493EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.5 views

PT-2025-16473 · Jellyfin +1 · Jellyfin +1

Name of the Vulnerable Software and Affected Versions: Jellyfin versions prior to 10.10.7 Description: Jellyfin is an open source self-hosted media server. The issue concerns argument injection in FFmpeg, which can potentially lead to remote code execution by anyone with credentials to a...

7.6CVSS7.6AI score0.00616EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2023/02/28 6:32 p.m.8 views

CVE-2023-1065

This vulnerability in the Snyk Kubernetes Monitor can result in irrelevant data being posted to a Snyk Organization, which could in turn obfuscate other, relevant, security issues. It does not expose the user of the integration to any direct security risk and no user data can be leaked. To exploi...

6.5CVSS6.9AI score0.00624EPSS
Exploits0References4
OSV
OSV
added 2021/04/22 9:15 p.m.4 views

CVE-2021-24234

The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when opening a malicious crafted link as a high privilege user. Knowledge of a form id is required to...

6.1CVSS5.8AI score0.01173EPSS
Exploits2References3
Rows per page
Query Builder