Lucene search
K

181 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:42 a.m.9 views

CVE-2023-5025

A vulnerability was found in KOHA up to 23.05.03. It has been declared as problematic. This vulnerability affects unknown code of the file /cgi-bin/koha/catalogue/search.pl of the component MARC. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has...

5.4CVSS6.4AI score0.00539EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:39 p.m.5 views

CVE-2021-26308

An issue was discovered in the marc crate before 2.0.0 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated memory, violating soundness...

7.5CVSS7.1AI score0.01498EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2025/03/31 12:0 a.m.113 views

freetype security update

2.10.4-10 - Fix for CVE-2025-27363 out-of-bound write vulnerability - Patch initially by Marc Deslauriers of Canonical - https://www.openwall.com/lists/oss-security/2025/03/14/3 - Adjusted for EL9 by Jonathan Wright of AlmaLinux - and a member of the Meta security team - Resolves: RHEL-83105...

8.1CVSS7.5AI score0.26049EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/26 3:30 p.m.17 views

CVE-2025-27340

Cross-Site Request Forgery CSRF vulnerability in Forge12 Interactive GmbH F12-Profiler f12-profiler allows Cross Site Request Forgery.This issue affects F12-Profiler: from n/a through = 1.3.9...

5.4CVSS7.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2025/02/24 3:15 p.m.4 views

CVE-2025-27340

Cross-Site Request Forgery CSRF vulnerability in Forge12 Interactive GmbH F12-Profiler f12-profiler allows Cross Site Request Forgery.This issue affects F12-Profiler: from n/a through = 1.3.9...

5.4CVSS0.0014EPSS
Exploits0References1
CVE
CVE
added 2025/02/24 2:49 p.m.62 views

CVE-2025-27340

CVE-2025-27340 describes a CSRF vulnerability in the WordPress plugin F12-Profiler (versions up to 1.3.9). The issue allows unauthorized cross-site requests due to CSRF weaknesses in the plugin. Public references in the connected docs consistently identify the affected software as the F12-Profile...

5.4CVSS7.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.9 views

CVE-2024-51652

Cross-Site Request Forgery CSRF vulnerability in marckocher Skip To skip-to allows Stored XSS.This issue affects Skip To: from n/a through = 2.0.0...

7.1CVSS0.00206EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:32 p.m.49 views

CVE-2024-51652

CVE-2024-51652 : WordPress plugin Skip To is affected by a CSRF to Stored Cross-Site Scripting (XSS) vulnerability. The CVE description indicates a CSRF flaw that enables Stored XSS in Skip To versions n/a through 2.0.0. Connected sources substantiate the issue for the Skip To plugin and list the...

7.1CVSS5.9AI score0.00206EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/14 12:0 a.m.34 views

WordPress Jetpack Plugin < 13.9.1 is vulnerable to Broken Access Control

Software Jetpack Type Plugin Vulnerable versions 13.9.1 Fixed in 13.9.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9926 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 675e1d99d774 Credits Marc Montpas Required privilege...

4.3CVSS6.9AI score0.01148EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Storm
added 2024/08/27 12:0 a.m.177 views

Marc@TMS CMS 1.0 SQL Injection

============================================================================================================================================= | Title : Marc@TMS cms v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits...

7.4AI score
Exploits0
OSV
OSV
added 2024/06/25 12:39 p.m.4 views

MAL-2024-2199 Malicious code in down_load_ebook_mochilas_by_marc_torrent_barcelo_lyona_upa6q (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/26 10:49 p.m.8 views

marcenerwin.nl Improper Access Control vulnerability OBB-3922923

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.5 views

Koha 跨站脚本漏洞

Koha is a Koha organization's system for automated library management building. A cross-site scripting vulnerability exists in Koha 20180108 and earlier versions, which stems from a cross-site scripting XSS vulnerability in the file /cgi-bin/koha/opac-MARCdetail.pl...

4CVSS5.8AI score0.0046EPSS
Exploits0References4
Apple
Apple
added 2024/03/12 12:0 a.m.629 views

About the security content of GarageBand 10.4.11

About the security content of GarageBand 10.4.11 This document describes the security content of GarageBand 10.4.11. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

7.8CVSS7.8AI score0.00265EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2024/02/25 11:2 a.m.7 views

marc-i.net Improper Access Control vulnerability OBB-3858664

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/28 10:17 p.m.5 views

marc-coester.eu Improper Access Control vulnerability OBB-3824881

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.4 views

Automad Code Injection Vulnerability

Automad is a flat file content management system and template engine by Marc Anton Dahmen, an individual developer. A code injection vulnerability exists in Automad 1.10.9 and earlier versions, which stems from a stored cross-site scripting XSS vulnerability in the parameter sitename of the file...

5.4CVSS6.2AI score0.0061EPSS
Exploits1References8
Patchstack
Patchstack
added 2023/12/18 12:0 a.m.10 views

WordPress WP Go Maps Plugin < 9.0.28 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions 9.0.28 Fixed in 9.0.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6627 Patch priority Medium CVSS severity Medium 7.1 Developer WP Go Maps PSID 5fe45794e92f Credits Marc Montpas Required...

6.1CVSS5.6AI score0.00619EPSS
Exploits2References4Affected Software1
Openbugbounty
Openbugbounty
added 2023/10/13 8:15 a.m.15 views

marc.baffl.co.uk Cross Site Scripting vulnerability OBB-3746308

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Patchstack
Patchstack
added 2023/10/13 12:0 a.m.6 views

WordPress is vulnerable to Sensitive Data Exposure

Software WordPress Type WordPress Core Vulnerable versions 6.3.2 Fixed in 6.3.2 OWASP Top 10 A3: Injection Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 33dadfeb4ac4 Credits Marc-Alexandre Montpas Automattic Required privile...

7.2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder