Lucene search
K

684 matches found

EUVD
EUVD
added 2025/12/31 9:37 p.m.11 views

EUVD-2023-1817

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS6.3AI score0.0036EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.49 views

PocketMine-MP 安全漏洞

PocketMine-MP is a game server software from PMMP Open Source. A security vulnerability exists in PocketMine-MP versions prior to 4.18.1, which stems from improper input validation in inventory transaction processing, and could lead to a remote attacker triggering a server crash and resulting in ...

7.1CVSS5.8AI score0.0036EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.17 views

PT-2025-54457

Name of the Vulnerable Software and Affected Versions PocketMine-MP versions prior to 4.18.1 Description PocketMine-MP versions prior to 4.18.1 have an issue with how input is checked when handling inventory transactions. A remote attacker who has a valid player session can ask the server to drop...

7.1CVSS6.7AI score0.0036EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/24 2:10 a.m.5 views

Media Player MP-01 vulnerable to Missing Authentication for Critical Function

Overview NEC branded Media Player MP-01 manufactured by Sharp Display Solutions, Ltd. contains the following vulnerability. Missing Authentication for Critical Function CWE-306 - CVE-2025-12049 Souvik Kandar of MicroSec microsec.io discovered and reported the vulnerability to the developer and...

9.8CVSS6.7AI score0.00286EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/23 6:29 a.m.6 views

CVE-2025-12049

Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the...

9.2CVSS7AI score0.00286EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/22 5:5 a.m.25 views

CVE-2025-12049

Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the...

9.2CVSS0.00286EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.7 views

PT-2025-52632

Name of the Vulnerable Software and Affected Versions Sharp Display Solutions Media Player MP-01 affected versions not specified Description A critical issue exists in Sharp Display Solutions Media Player MP-01 where a missing authentication check for a critical function allows unauthorized acces...

9.2CVSS6.5AI score0.00286EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/14 9:30 p.m.4 views

EUVD-2025-197656

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function dojob of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument webhookurl can lead to server-side request...

6.5CVSS6.3AI score0.00233EPSS
Exploits0References5
NVD
NVD
added 2025/11/14 7:15 p.m.22 views

CVE-2025-13174

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function dojob of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument webhookurl can lead to server-side request...

6.5CVSS0.00233EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/14 6:32 p.m.8 views

CVE-2025-13174 rachelos WeRSS we-mp-rss Webhook mps.py do_job server-side request forgery

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function dojob of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument webhookurl can lead to server-side request...

6.5CVSS6.5AI score0.00233EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.7 views

PT-2025-46996

Name of the Vulnerable Software and Affected Versions rachelos WeRSS we-mp-rss versions up to 1.4.7 Description A flaw exists in the Webhook Module of rachelos WeRSS we-mp-rss. The do job function within the /rachelos/we-mp-rss/blob/main/jobs/mps.py file is susceptible to server-side request...

6.5CVSS6.3AI score0.00233EPSS
Exploits0References8
NVD
NVD
added 2025/11/08 4:15 a.m.3 views

CVE-2025-12193

The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mp' parameter in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

6.1CVSS0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/08 3:27 a.m.3 views

CVE-2025-12193 Mang Board WP <= 2.3.1 - Reflected Cross-Site Scripting

The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mp' parameter in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

6.1CVSS0.00201EPSS
Exploits0References2
CVE
CVE
added 2025/11/08 3:27 a.m.16 views

CVE-2025-12193

Vulnerability: Reflected Cross-Site Scripting in the Mang Board WP plugin for WordPress via the 'mp' parameter in versions

6.1CVSS5.3AI score0.00201EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/08 12:0 a.m.4 views

PT-2025-45552

Name of the Vulnerable Software and Affected Versions Mang Board WP plugin for WordPress versions prior to 2.3.2 Description The Mang Board WP plugin for WordPress is susceptible to Reflected Cross-Site Scripting. This is due to inadequate input sanitization and output escaping of the mp paramete...

6.1CVSS6.6AI score0.00201EPSS
Exploits0References5
OSV
OSV
added 2025/10/21 5:50 p.m.4 views

JLSEC-2025-181 Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may all...

Uncontrolled search path element in the IntelR oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS7.1AI score0.00179EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987556 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fcrecvframe mp safe Running tests with a debug kernel shows that...

5.5CVSS6.1AI score0.0021EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2025/10/09 12:0 a.m.248 views

VulnCheck KEV: CVE-2025-22905

RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter at /goform/mp...

9.8CVSS5.8AI score0.04456EPSS
In wildExploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2019-0848

Malware in sbrugna...

8.6CVSS7AI score0.00871EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-19319

Malware in sbrugna...

7.8CVSS7.7AI score0.01303EPSS
Exploits0References2
Rows per page
Query Builder