Lucene search
K

1820 matches found

NVD
NVD
added 2026/06/25 3:16 p.m.10 views

CVE-2026-13225

Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order...

5.3CVSS0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:26 p.m.5 views

EUVD-2026-39418

Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order...

5.3CVSS5.9AI score0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 2:26 p.m.18 views

CVE-2026-13225

The provided connected documents confirm CVE-2026-13225 as a Stored XSS in pretix. Malicious HTML content could be injected into the email address field of an order; pretix displays this on the confirmation page for individual tickets without sanitization. Affects pretix’s order confirmation page...

5.3CVSS5.9AI score0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 6:0 p.m.37 views

CVE-2020-9695

CVE-2020-9695 is an out-of-bounds write vulnerability in Adobe Acrobat/Reader. Affects multiple releases (e.g., Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier) and related Acrobat products. Root cause: out-of-bounds write in the affected code pa...

7.8CVSS6.4AI score0.00176EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2026/06/23 5:58 p.m.35 views

CVE-2020-9711

CVE-2020-9711 describes an out-of-bounds read (CWE-125) in Adobe Acrobat/Reader. Affected products include multiple lines of Acrobat/Reader: DC Continuous and Classic channels, across 2015, 2017, 2020 release families (e.g., 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earli...

5.5CVSS5.7AI score0.00185EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2026/06/23 5:47 p.m.59 views

CVE-2020-9713

CVE-2020-9713 is an out-of-bounds read (CWE-125) in Adobe Acrobat and Reader. Affected are versions including 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier. The vulnerability could disclose sensitive memory and requires user interaction (vi...

5.5CVSS5.7AI score0.00185EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2026/06/17 12:5 p.m.35 views

CVE-2024-35690

CVE-2024-35690 – WordPress Widget Options plugin up to version 4.0.1 is vulnerable to sensitive data exposure (Subscriber+). The Patchstack entries (and WPVulnDB reference) indicate vulnerable versions are

6.5CVSS5.2AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 12:3 p.m.43 views

CVE-2024-35648

No technical details are provided in the connected documents for CVE-2024-35648 beyond the description of a CSRF vulnerability in the Emergency Password Reset plugin (WordPress)

4.3CVSS5.2AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 11:53 a.m.37 views

CVE-2024-32729

CVE-2024-32729 concerns WordPress ChatBot Conversational Forms (QuantumCloud Conversational Forms for ChatBot)

7.5CVSS5.2AI score0.0043EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 11:36 a.m.42 views

CVE-2024-31435

CVE-2024-31435 affects the WordPress plugin Social Media & Share Icons (versions up to 2.8.6). The issue is a Missing Authorization vulnerability caused by incorrectly configured access control levels, enabling access to protected functionality without proper permissions. The CVE entry lists a Pa...

4.3CVSS5.1AI score0.00208EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 11:34 a.m.42 views

CVE-2024-33685

Technical details for CVE-2024-33685 (WordPress Startupzy theme) are not publicly provided in the supplied documents. No confirmed affected versions, root cause, impact, or remediation are stated here; monitor official advisories for updates.

4.3CVSS5.2AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 9:50 a.m.73 views

CVE-2022-44630

The CVE-2022-44630 entry pertains to the WordPress plugin YITH WooCommerce Product Slider Carousel (vulnerable:

4.6CVSS5.4AI score0.00144EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 9:47 a.m.37 views

CVE-2022-42479

CVE-2022-42479 concerns a Broken Access Control in WordPress Soledad premium theme versions

5.4CVSS5.5AI score0.00177EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 7:3 a.m.10708 views

CVE-2023-33999

Technical details on CVE-2023-33999 are not provided in the supplied documents. Please monitor for updates from vendors/security advisories before assessing impact, affected products, or fixes.

7.1CVSS7.8AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 8:9 p.m.47 views

CVE-2022-26758

CVE-2022-26758: macOS Monterey before 12.4 is affected by a memory corruption issue that may allow a malicious application to cause unexpected changes in memory shared between processes. The vulnerability is addressed in macOS Monterey 12.4 with improved state management. The CVE entry notes a lo...

7.1CVSS5.5AI score0.00099EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-39334

ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /SettingsIndividual.php in ChurchCRM 7.0.5. Authenticated users without any specific privileges can inject arbitrary SQL statements through the type array parameter via t...

8.8CVSS5.7AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 3:30 p.m.41 views

CVE-2022-41656

CVE-2022-41656 describes a Missing Authorization vulnerability in the WordPress plugin Account Manager for WooCommerce . Affected versions are up to 2.1.2 (per CVE notices) with a broken access control that allows exploiting incorrectly configured access levels. The core issue is missing authoriz...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

free5GC 代码问题漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the PCF’s app-sessions handler under certain conditions, which could lead to a 500...

6.5CVSS5.9AI score0.0035EPSS
Exploits1References5
CVE
CVE
added 2026/05/08 12:0 a.m.48 views

CVE-2024-33288

The CVE-2024-33288 entry covers a SQL injection vulnerability in Prison Management System Using PHP v1.0, exposed on the Admin login page via the username parameter. Multiple connected sources document an authentication bypass PoC and public exploits targeting admin access (e.g., by injecting adm...

7.3CVSS5.9AI score0.0081EPSS
Exploits3References2
CVE
CVE
added 2026/05/08 12:0 a.m.49 views

CVE-2024-33724

SOPlanning 1.52.00 is vulnerable to Cross Site Scripting (XSS) via the groupe_id parameter to process/groupe_save.php. Affected software is SOPlanning; the vulnerability arises in the groupe_id handling, enabling injection that can affect authenticated users and potentially hijack sessions (per C...

5.4CVSS5.8AI score0.00551EPSS
Exploits1References2
Rows per page
Query Builder