Lucene search
K

8 matches found

CVE
CVE
added 2026/06/25 1:47 p.m.18 views

CVE-2026-57588

CVE-2026-57588 is a SQL injection vulnerability in Nessus. A crafted malicious scan result file, when imported by a privileged user, injects SQL into the scan results database, potentially exfiltrating scan data. The vulnerability affects Nessus in scenarios where a scan-result file is imported b...

4.6CVSS5.9AI score0.00158EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.6 views

PT-2026-5274

BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler SEH chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining...

9.8CVSS6.2AI score0.00365EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3067

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00487EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2021-9896

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00665EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.3 views

CVE-2022-3380

The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports intentionally or not a malicious file and a suitable gadget chain is present on the blog...

7.2CVSS7.1AI score0.01126EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.6 views

PT-2022-21789 · WordPress · Phlox

Name of the Vulnerable Software and Affected Versions: Shortcodes and extra features for Phlox theme WordPress plugin versions prior to 2.10.7 Description: The issue arises from the unserialize of the content of an imported file, which could lead to PHP object injection when a user imports a...

8.8CVSS8.7AI score0.00742EPSS
Exploits0References5
OSV
OSV
added 2022/10/31 4:15 p.m.4 views

CVE-2022-3357

The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file, which could lead to PHP object injection issues when a user import intentionally or not a malicious file, and a suitable gadget chain is present on the site...

8.8CVSS5.8AI score0.01903EPSS
Exploits3References1
CNNVD
CNNVD
added 2022/08/31 12:0 a.m.5 views

GitLab 资源管理错误漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab EE/CE. An attacker exploited the...

6.5CVSS7AI score0.00996EPSS
Exploits0References5
Rows per page
Query Builder