Lucene search
K

143 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:53 a.m.10 views

CVE-2018-1999037

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...

4.3CVSS6.6AI score0.00761EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 11:6 p.m.11 views

CVE-2008-7294

Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security HSTS...

5.8CVSS6.5AI score0.01012EPSS
Exploits0References1
NVD
NVD
added 2025/04/30 7:15 p.m.11 views

CVE-2024-9876

: Modification of Assumed-Immutable Data MAID vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4...

8.5CVSS0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/10 9:47 a.m.11 views

CVE-2025-3437

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...

4.3CVSS6.8AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 4:15 p.m.14 views

CVE-2025-32018

Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the us...

8CVSS0.00377EPSS
Exploits0References1
NVD
NVD
added 2025/03/26 8:15 p.m.21 views

CVE-2025-26010

Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword...

9.8CVSS0.00378EPSS
Exploits0References1
NVD
NVD
added 2025/03/07 7:15 a.m.11 views

CVE-2024-13655

The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the propanelofajaxcallback function in all versions up to, and including, 3.5.2. This makes it possible f...

8.1CVSS0.00312EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/14 4:34 a.m.8 views

CVE-2024-12164

The WPSyncSheets Lite For WPForms – WPForms Google Spreadsheet Addon plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsslwpresetsettings function in all versions up to, and including, 1.6. This makes it possible for authenticated...

4.3CVSS9AI score0.00406EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/01 12:0 a.m.7 views

WordPress plugin AnimateGL Animations for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS8.6AI score0.00295EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.6 views

Oracle JD Edwards Products 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle Corporation USA. The products provide application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD...

6.1CVSS8.5AI score0.00369EPSS
Exploits0References2
NVD
NVD
added 2025/01/17 9:15 a.m.32 views

CVE-2024-12370

The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check when adding rooms in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to add rooms with custom prices...

5.3CVSS0.00306EPSS
Exploits0References2
NVD
NVD
added 2024/12/12 6:15 a.m.11 views

CVE-2024-12263

The Child Theme Creator by Orbisius plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clouddelete and cloudupdate functions in all versions up to, and including, 1.5.5. This makes it possible for authenticated attackers, with...

4.3CVSS0.0034EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.4 views

WordPress plugin WooCommerce UPS Shipping 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.4AI score0.00386EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.6 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Product Hub versions 12.2.3...

8.1CVSS7.9AI score0.00422EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/23 10:43 a.m.23 views

CVE-2024-46544 Apache Tomcat Connectors: mod_jk: local users can view and modify configuration

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...

0.00326EPSS
Exploits0References1
NVD
NVD
added 2024/09/05 11:15 a.m.39 views

CVE-2024-7605

The HelloAsso plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'haajax' function in all versions up to, and including, 1.1.10. This makes it possible for authenticated attackers, with Contributor-level access and above, to update...

4.3CVSS0.00427EPSS
Exploits0References3
NVD
NVD
added 2024/08/21 6:15 a.m.27 views

CVE-2024-7390

The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnSaveTestimonailOrder function in all versions up to, and including, 3.1. This makes it possible for unauthenticated attackers to change the order of...

5.3CVSS0.00339EPSS
Exploits0References2
OSV
OSV
added 2024/07/02 8:15 a.m.4 views

CVE-2024-5545

The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stmeditdeleteusercar function in all versions up to, and including, 1.4.8. This makes it possible for unauthenticated attackers to...

5.3CVSS5.9AI score0.0033EPSS
Exploits0References2
CVE
CVE
added 2024/06/28 12:0 a.m.215 views

CVE-2024-37370

Summary: CVE-2024-37370 affects MIT Kerberos 5 (krb5) before 1.21.3. An attacker can modify the plaintext Extra Count field in a confidential GSS wrap token, causing the unwrapped token to appear truncated to the application. The issue is tied to krb5’s GSS token handling and can impact confident...

7.5CVSS6.8AI score0.00748EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/06/07 3:15 a.m.1 views

CVE-2024-5607

The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers,...

5.4CVSS6AI score0.00276EPSS
Exploits0References3
Rows per page
Query Builder