Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.4.3 cri-o (RHSA-2020:1937)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1937 advisory. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 - proglottis/gpgme: Use-after-free in GPGM...

7.5CVSS5.8AI score0.05071EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2017-6309

Malware in sbrugna...

6.5CVSS6.9AI score0.02456EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-29004

Malicious code in bioql PyPI...

7.1CVSS8.6AI score0.00195EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-33321

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.01955EPSS
Exploits0References2
NVD
NVD
added 2025/09/22 7:16 p.m.6 views

CVE-2025-58255

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...

9.6CVSS0.00159EPSS
Exploits0References1
HackRead
HackRead
added 2025/08/23 2:11 p.m.4 views

Hackers Could Take Over Apple Devices Via Malicious Images – Patch Now!

Apple fixes CVE-2025-43300, a flaw letting hackers hijack devices via malicious images. Users urged to update iPhone, iPad,…...

8.8CVSS6.1AI score0.19972EPSS
Exploits9
GithubExploit
GithubExploit
added 2025/08/20 4:57 p.m.226 views

Exploit for CVE-2025-8889

Exploit Title: WordPress Compress Then Upload Plugin 1.0.3 Arb...

8AI score0.00265EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.10 views

CVE-2024-5945

The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 4.3 due to insufficient input sanitization. This makes it possible for authenticated attackers, with Author-level access and above, who have permissio...

6.4CVSS6.1AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:20 a.m.6 views

CVE-2022-48161

Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the component /application/down.php. This vulnerability is exploited via a crafted GET request...

7.5CVSS7.4AI score0.00759EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:32 p.m.7 views

CVE-2020-35187

The official telegraf docker images before 1.9.4-alpine Alpine specific contain a blank password for a root user. System using the telegraf docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...

10CVSS7.3AI score0.02174EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:21 a.m.7 views

CVE-2024-31093

Cross-Site Request Forgery CSRF vulnerability in Kaloyan K. Tsvetkov Broken Images allows Cross-Site Scripting XSS.This issue affects Broken Images: from n/a through 0.2...

7.1CVSS8.5AI score0.00195EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/07/10 6:33 a.m.7 views

08cms (=1.0.0), @artdotstyle/filepix (>=1.0.10 <=1.0.11) +427 more potentially affected by CVE-2024-21523 via images (>=2.0.2 <=3.2.4)

images NPM version =2.0.2, =1.0.10, =1.1.2, =0.0.1, =0.1.0, =1.0.1, =1.4.0, =1.1.2, =1.1.8, =0.4.0, =0.6.2 and more Source cves: CVE-2024-21523 Source advisory: OSV:GHSA-VJPV-X8P9-7P85...

7.5CVSS5.8AI score0.00597EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/20 2:13 p.m.6 views

08cms (=1.0.0), @artdotstyle/filepix (>=1.0.10 <=1.0.11) +427 more potentially affected by CVE-2024-21523 via images (>=2.0.2 <=3.2.4)

images NPM version =2.0.2, =1.0.10, =1.1.2, =0.0.1, =0.1.0, =1.0.1, =1.4.0, =1.1.2, =1.1.8, =0.4.0, =0.6.2 and more Source cves: CVE-2024-21523 Source advisory: SNYK:JS-IMAGES-6421826...

7.5CVSS5.8AI score0.00597EPSS
Exploits0
OSV
OSV
added 2023/09/21 3:15 p.m.7 views

PYSEC-2023-311

plone.namedfile allows users to handle File and Image fields targeting, but not depending on, Plone Dexterity content. Prior to versions 5.6.1, 6.0.3, 6.1.3, and 6.2.1, there is a stored cross site scripting vulnerability for SVG images. A security hotfix from 2021 already partially fixed this by...

5.4CVSS5.2AI score0.00475EPSS
Exploits0References9
NVD
NVD
added 2022/02/18 8:15 p.m.29 views

CVE-2021-46617

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS0.01878EPSS
Exploits0References2
Prion
Prion
added 2022/02/18 8:15 p.m.26 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS7.8AI score0.01979EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2022/02/18 8:15 p.m.18 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS7.7AI score0.01878EPSS
Exploits0References2Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/29 11:13 a.m.32 views

Security Bulletin: Images built from IBM App Connect Enterprise Certified Container images may be vulnerable to information exposure via CVE-2020-15095

Summary Images built from the App Connect Enterprise Certified Container images that perform an npm install may leak information through their logs when installing from a non-default location using basic auth credentials due to CVE-2020-15095. Vulnerability Details Third Party Entry: 184666...

4.4CVSS0.5AI score0.00417EPSS
Exploits0Affected Software1
Apple
Apple
added 2020/09/16 12:0 a.m.50 views

About the security content of watchOS 7.0

About the security content of watchOS 7.0 This document describes the security content of watchOS 7.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

9.3CVSS9.2AI score0.08491EPSS
Exploits3References1Affected Software1
RedhatCVE
RedhatCVE
added 2020/01/09 7:9 p.m.36 views

CVE-2020-5313

An out-of-bounds read was discovered in python-pillow in the way it decodes FLI images. An application that uses python-pillow to load untrusted images may be vulnerable to this flaw, which can allow an attacker to read the memory of the application they should be not allowed to read...

8.2CVSS3.2AI score0.02752EPSS
Exploits0References3
Rows per page
Query Builder