Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30285

Severity: Medium CWE: CWE-352 Cross-Site Request Forgery Summary The player skin configuration endpoint at admin/playerUpdate.json.php does not validate CSRF tokens. The plugins table is explicitly excluded from the ORM's domain-based security check via ignoreTableSecurityCheck, removing the only...

4.3CVSS6AI score0.00134EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/10/21 8:20 p.m.3 views

CVE-2025-53040

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS7AI score0.00533EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/10/21 8:20 p.m.3 views

CVE-2025-53053

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

5.5CVSS7AI score0.00438EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/30 12:15 a.m.3 views

CVE-2025-43227

This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose sensitive user information...

7.5CVSS7.1AI score0.0117EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/22 9:15 p.m.5 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS7.3AI score0.00217EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/07/15 8:15 p.m.3 views

CVE-2025-50095

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...

4.9CVSS7AI score0.00485EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/05/27 12:0 a.m.9 views

CVE-2025-5263

Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

4.3CVSS6.8AI score0.00203EPSS
Exploits0References8
Rows per page
Query Builder