Lucene search
K

34 matches found

Patchstack
Patchstack
added 2025/04/09 2:20 p.m.5 views

WordPress Database Toolset Plugin <= 1.8.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by LVT-tholv2k in WordPress Plugin Database Toolset versions = 1.8.4...

8.6CVSS8.4AI score0.00696EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/08 2:1 a.m.10 views

WordPress WP User Profiles plugin <= 2.6.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by astra.r3verii Patchstack Alliance in WordPress Plugin WP User Profiles versions = 2.6.2...

8.8CVSS8.3AI score0.00343EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/07 2:10 p.m.6 views

WordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by stealthcopter in WordPress Plugin Hive Support versions = 1.2.5...

6.5CVSS8.3AI score0.00282EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/04 8:38 p.m.6 views

WordPress Drag and Drop Multiple File Upload for WooCommerce plugin <= 1.1.4 - Unauthenticated Arbitrary File Move vulnerability

Unauthenticated Arbitrary File Move vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Drag and Drop Multiple File Upload for WooCommerce versions = 1.1.4...

9.8CVSS9AI score0.01591EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/03 12:0 a.m.17 views

WordPress Woffice Theme <= 5.4.21 is vulnerable to Privilege Escalation

Software Woffice Type Theme Vulnerable versions = 5.4.21 Fixed in 5.4.22 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2025-2798 Patch priority High CVSS severity High 9.8 Developer EPC PSID bdeb5594d059 Credits Foxyyy Required privilege...

9.8CVSS6.6AI score0.00623EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2025/04/01 10:37 a.m.3 views

WordPress Secure Copy Content Protection and Content Locking plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by astra.r3verii in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 4.4.3...

7.1CVSS7AI score0.00366EPSS
Exploits0Affected Software1
CVE
CVE
added 2025/01/21 8:52 p.m.105 views

CVE-2025-21497

The CVE-2025-21497 affects Oracle MySQL Server (InnoDB). Affected: 8.0.40 and prior, 8.4.3 and prior, 9.1.0 and prior. An attacker with network access and high privileges can cause a hang or crash (DoS) and may perform unauthorized updates/inserts/deletes on MySQL data. CVSS v3.1 base score 5.5 (...

5.5CVSS5AI score0.00449EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.7 views

PT-2025-34632

Name of the Vulnerable Software and Affected Versions: PhpOffice/PhpSpreadsheet versions prior to 1.30.0 PhpOffice/PhpSpreadsheet versions prior to 2.1.12 PhpOffice/PhpSpreadsheet versions prior to 2.4.0 PhpOffice/PhpSpreadsheet versions prior to 3.10.0 PhpOffice/PhpSpreadsheet versions prior to...

8.7CVSS6.9AI score0.00741EPSS
Exploits0References19
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.9 views

WordPress Kanban Boards for WordPress Plugin <= 2.5.21 is vulnerable to Cross Site Scripting (XSS)

Software Kanban Boards for WordPress Type Plugin Vulnerable versions = 2.5.21 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31103 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d58cc62b701e Credits Yudistira Arya Requir...

7.1CVSS6.6AI score0.00354EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.4 views

PT-2023-29516 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The Online Food Ordering System is affected by multiple Unauthenticated SQL Injection vulnerabilities. The issue arises from the phone parameter of the "routers/details-router.php" resource...

9.8CVSS9.8AI score0.007EPSS
Exploits1References6
Code423n4
Code423n4
added 2022/02/09 12:0 a.m.12 views

Shelter funds can be stolen

Lines of code Vulnerability details Impact Shelter has a function withdraw that lets whitelisted users withdraw a specified amount of some token. The function does not check if the user has already withdrew the tokens. Since, a user can withdraw allowed amount any number of times, stealing all th...

6.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:45 p.m.57 views

Security Bulletin: GNU C library (glibc) vulnerabilities affect IBM Security Network Active Bypass (CVE-2014-9761, CVE-2015-8778, CVE-2015-8779)

Summary GNU C library glibc vulnerabilities were found that affect IBM Security Network Active Bypass. Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nan function. By sending an...

9.8CVSS1.5AI score0.05966EPSS
Exploits2Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.41 views

CVE-2025-32938

CVE-2025-32938 entry is rejected/not used and does not represent an active vulnerability entry.

7AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.13 views

CVE-2023-36119

...

Exploits0
Rows per page
Query Builder