Lucene search
K

293 matches found

CNNVD
CNNVD
added 2025/01/27 12:0 a.m.3 views

WordPress plugin Altra Side Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.3AI score0.00218EPSS
Exploits1References1
CVE
CVE
added 2025/01/24 12:0 a.m.63 views

CVE-2024-50695

CVE-2024-50695 affects SunGrow WiNet-SV200.001.00.P027 and earlier versions. The issue is a stack-based buffer overflow that occurs when parsing MQTT messages due to missing MQTT topic bounds checks. Public sources describe the vulnerability as potentially enabling arbitrary code execution remote...

9.8CVSS7.6AI score0.00552EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.5 views

WordPress plugin Atarim 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS8.1AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking buffer lengths before accessing them...

5.5CVSS6.7AI score0.00222EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.3 views

WordPress plugin Export Import Menus 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

5.3CVSS8AI score0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2026-4368

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the Linux kernel’s KVM component related to the gmap helper zap one page function. Missing checks within this function could lead to memory corruption in guest virtual...

9.8CVSS5.4AI score0.96267EPSS
Exploits265References131
CVE
CVE
added 2024/12/09 8:50 a.m.60 views

CVE-2024-12307

CVE-2024-12307 affects Unifiedtransform (2.0 and earlier). Root cause: function-level access control missing in the student editing workflow, enabling teachers to modify student personal data without proper authorization. Initial publication notes no patch was available. Connected sources also re...

4.3CVSS4.6AI score0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.4 views

PT-2024-17445 · WordPress · Gold Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Gold Addons for Elementor plugin for WordPress versions up to, and including, 1.3.2 Description: The issue allows unauthorized modification of data due to a missing capability check on the activate and deactivate functions. This makes it...

4.3CVSS6.9AI score0.00267EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.5 views

kernel: net: missing check virtio

In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. After the skbsegment function the buffer may become non-linear nrfrags != 0, but since the SKBTXSHAREDFRAG flag is not set...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References5
OSV
OSV
added 2024/11/04 2:15 a.m.2 views

CVE-2024-20112

In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09071481; Issue ID: MSV-1730...

4.4CVSS5.9AI score0.00076EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.5 views

The vulnerability of the writeback component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the writeback component in the Linux operating system’s kernel is related to the lack of checks for division by zero. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score
Exploits0References51Affected Software8
Vulnrichment
Vulnrichment
added 2024/10/21 8:5 p.m.14 views

CVE-2022-48967 NFC: nci: Bounds check struct nfc_target arrays

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfctarget arrays While running under CONFIGFORTIFYSOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of single field "target-sensfres" at net/nfc/nci/ntf.c:260 size 18 This...

7AI score0.00236EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/10/15 1:2 p.m.4 views

WordPress UltimateAI plugin <= 2.8.3 - Limited User Password Change due to Improper Empty and Missing Default Value Check vulnerability

Limited User Password Change due to Improper Empty and Missing Default Value Check vulnerability discovered by István Márton in WordPress Plugin UltimateAI versions = 2.8.3...

5.6CVSS7AI score0.00322EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2024/10/14 6:22 p.m.17 views

uplot: Prototype Pollution in uplot

A flaw was found in uPlot. This vulnerability allows prototype pollution via the uplot.assign function due to missing checks for attributes that resolve to the object prototype...

8.2CVSS5.7AI score0.0063EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/10/12 12:0 a.m.5 views

WordPress plugin ImagePress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.4AI score0.00322EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/09/18 6:32 a.m.18 views

CVE-2024-46715 driver: iio: add missing checks on iio_info's callback access

In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...

6.7AI score0.00221EPSS
Exploits0References5
Veracode
Veracode
added 2024/09/16 9:58 a.m.9 views

Heap-based Buffer Overflow

libzephyr.so is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused due to missing checks for the remaining size of a buffer in the bthcileadvextreport function in bluetooth/host/scan.c before passing it on to the cont routine. This may lead to unexpected behavior or system...

7.6CVSS7AI score0.00608EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/09/13 12:0 a.m.5 views

Lunary 安全漏洞

Lunary is an open source production toolkit for LLM from Lunary. A security vulnerability exists in Lunary version 1.4.10, which stems from an interface that does not validate the necessary permissions for user access, resulting in an unauthorized user being able to obtain non-public information...

6.5CVSS4.5AI score0.00425EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.3 views

In the Elliptic package 6.5.6 for Node.js ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.

...

5.3CVSS9.3AI score0.00459EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.7 views

PT-2024-38777 · WordPress · Mm-Breaking News

Name of the Vulnerable Software and Affected Versions: MM-Breaking News WordPress plugin versions 0.7.9 and earlier Description: The issue is related to the lack of CSRF checks in some places, as well as missing sanitization and escaping, which could allow attackers to make logged-in admins add...

6.1CVSS5.6AI score0.002EPSS
Exploits1References7
Rows per page
Query Builder