Lucene search
+L

608 matches found

Vulnrichment
Vulnrichment
added 2024/10/05 10:31 a.m.13 views

CVE-2024-9146 WordPress CSS JS Files plugin <= 1.5.0 - Directory Traversal to File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through = 1.5.0...

4.9CVSS5.2AI score0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/05 10:31 a.m.31 views

CVE-2024-9146 WordPress CSS JS Files plugin <= 1.5.0 - Directory Traversal to File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through = 1.5.0...

4.9CVSS0.00564EPSS
Exploits0References1
Fedora
Fedora
added 2024/09/14 2:1 a.m.24 views

[SECURITY] Fedora 40 Update: mingw-expat-2.6.3-1.fc40

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

9.8CVSS9.5AI score0.01686EPSS
Exploits0
Fedora
Fedora
added 2024/09/14 1:26 a.m.25 views

[SECURITY] Fedora 39 Update: mingw-expat-2.6.3-1.fc39

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

9.8CVSS9.5AI score0.01686EPSS
Exploits0
Fedora
Fedora
added 2024/09/10 2:10 a.m.31 views

[SECURITY] Fedora 40 Update: expat-2.6.3-1.fc40

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

9.8CVSS7.2AI score0.01686EPSS
Exploits0
Patchstack
Patchstack
added 2024/09/04 12:0 a.m.4 views

Drupal Paragraphs table module < 1.23.0,2.0.0-2.0.1 - Authenticated Multiple Vulnerabilities

Authenticated Multiple Vulnerabilities discovered by James Williams in WordPress Module Paragraphs table versions 1.23.0,2.0.0-2.0.1...

7AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.516 views

Log4Shell HTTP Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Log4Shell HTTP Scanner', 'Description' = %q Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration,...

10CVSS10AI score0.99999EPSS
Exploits357
NVD
NVD
added 2024/08/26 9:15 p.m.39 views

CVE-2024-43915

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102...

5.5CVSS0.00248EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 9:15 p.m.4 views

CVE-2024-43916

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102...

7.1CVSS5.8AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 2024/08/26 8:31 p.m.68 views

CVE-2024-43915

CVE-2024-43915 affects the Zephyr Project Manager WordPress plugin (versions up to 3.3.102). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability arising from improper input neutralization during page generation. Public documentation from Patchstack cites vulnerable versions

5.5CVSS7AI score0.00248EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/26 8:23 p.m.26 views

CVE-2024-43916 WordPress Zephyr Project Manager plugin <= 3.3.102 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102...

4.3CVSS7AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 2024/08/26 8:23 p.m.58 views

CVE-2024-43916

CVE-2024-43916 : Zephyr Project Manager WordPress plugin vulnerable to an Authorization Bypass Through User-Controlled Key (IDOR). Affects Zephyr Project Manager versions

7.1CVSS7AI score0.00321EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/08/18 10:15 p.m.26 views

CVE-2024-43322

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100...

9.8CVSS0.00367EPSS
Exploits0References1
OSV
OSV
added 2024/08/18 10:15 p.m.4 views

CVE-2024-43322

Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100...

9.8CVSS5.8AI score0.00367EPSS
Exploits0References1
CVE
CVE
added 2024/08/01 9:26 p.m.58 views

CVE-2024-38761

CVE-2024-38761 is a vulnerability in the WordPress Zephyr Project Manager plugin, affecting Zephyr Project Manager versions n/a through 3.3.99 (i.e.,

7.5CVSS7.5AI score0.00447EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/01 9:26 p.m.14 views

CVE-2024-38761 WordPress Zephyr Project Manager plugin <= 3.3.99 - Sensitive Data Exposure via Export File vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99...

7.5CVSS6.9AI score0.00447EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.13 views

Ubuntu 24.04 LTS : provd vulnerability (USN-6912-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6912-1 advisory. James Henstridge discovered that provd incorrectly handled environment variables. A local attacker could possibly use this issue to run arbitrary programs and...

8.8CVSS5.8AI score0.00263EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.44 views

Oracle Primavera Unifier (Jul 2024 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Integration Apache James MIME4J. Supported versio...

8.1CVSS6.5AI score0.01191EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2024/07/09 11:47 a.m.11 views

CVE-2024-37484 WordPress Zephyr Project Manager plugin <= 3.3.97 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n/a through 3.3.97...

8.8CVSS7AI score0.00443EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2024/06/28 11:4 a.m.11 views

James Bamford on Section 702 Extension

Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act FISA...

7.3AI score
Exploits0
Rows per page
Query Builder