Lucene search
+L

224 matches found

CNNVD
CNNVD
added 2025/01/11 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the net/smc module not properly checking the smcdv2extoffset field when receiving an offer message, which...

5.5CVSS6.5AI score0.00218EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the net/smc module not properly checking the v2extoffset, eidcnt, and ismgidcnt fields when receiving an offer...

5.5CVSS6.6AI score0.00213EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the net/smc module not properly checking the ipareaoffset and ipv6prefixescnt fields when receiving an offer...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2024/12/20 10:44 a.m.6 views

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea DPRK, has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/10 2:13 p.m.13 views

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam

Cybersecurity researchers have shed light on a sophisticated mobile phishing aka mishing campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs Vishnu...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/25 4:47 p.m.72 views

North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL...

9.8CVSS7.5AI score0.99979EPSS
Exploits30
NVD
NVD
added 2024/04/09 7:15 p.m.25 views

CVE-2024-1960

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link in all versions up to, and including, 2.8.1 due to insufficient input...

6.4CVSS5.7AI score0.00521EPSS
Exploits0References4
OSV
OSV
added 2024/04/09 7:15 p.m.2 views

CVE-2024-1960

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link in all versions up to, and including, 2.8.1 due to insufficient input...

5.4CVSS7.4AI score0.00521EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/09 6:58 p.m.29 views

CVE-2024-1960 ShopLentor <= 2.8.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Banner Link

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link in all versions up to, and including, 2.8.1 due to insufficient input...

6.4CVSS5.8AI score0.00521EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.6 views

PT-2024-18454 · WordPress · The Shoplentor

Name of the Vulnerable Software and Affected Versions: The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution plugin for WordPress versions up to, and including, 2.8.1 Description: The issue is related to Stored Cross-Site Scripting via the Special Offer...

6.4CVSS8.1AI score0.00521EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.6 views

WordPress Plugin ShopLentor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.4CVSS7.7AI score0.00521EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/04/04 1:56 a.m.20 views

CVE-2024-2868 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Universal Product Layout

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slitems parameter in the WL Special Day Offer Widget in all versions up to, and including, 2.8.3 due to...

6.4CVSS7.4AI score0.00451EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.7 views

PT-2024-22521 · WordPress · The Shoplentor

Name of the Vulnerable Software and Affected Versions: The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution plugin for WordPress versions up to, and including, 2.8.3 Description: The issue is related to Stored Cross-Site Scripting via the slitems...

6.4CVSS8.2AI score0.00451EPSS
Exploits0References6
WPVulnDB
WPVulnDB
added 2024/03/18 12:0 a.m.15 views

ShopLentor < 2.8.2 - Contributor+ Stored Cross-Site Scripting via Banner Link

Description The ShopLentor – WooCommerce Builder for Elementor & Gutenberg is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.9AI score0.00521EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/08 2:15 a.m.3 views

CVE-2024-25849

In the module "Make an offer" makeanoffer = 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer and MakeOffers::addUserOffer...

9.8CVSS5.8AI score0.00636EPSS
Exploits0References2
Prion
Prion
added 2024/03/08 2:15 a.m.12 views

Sql injection

In the module "Make an offer" makeanoffer = 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer and MakeOffers::addUserOffer...

8.4AI score0.00636EPSS
Exploits0References2
CVE
CVE
added 2024/03/08 12:0 a.m.54 views

CVE-2024-25849

CVE-2024-25849 affects PrestaToolKit Make an offer module for PrestaShop (version ≤ 1.7.1). The vulnerability is a SQL injection in guest-accessible flows via MakeOffers::checkUserExistingOffer() and MakeOffers::addUserOffer(), leading to potential unauthorized data access or modification. Affect...

9.8CVSS7.9AI score0.00636EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/08 12:0 a.m.8 views

CVE-2024-25849

In the module "Make an offer" makeanoffer = 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer and MakeOffers::addUserOffer...

8.1AI score0.00636EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.3 views

PT-2024-21161 · Prestatoolkit · Prestatoolkit Make An Offer Module

Name of the Vulnerable Software and Affected Versions: PrestaToolKit Make an offer module version 1.7.1 and earlier Description: A SQL injection issue exists in the Make an offer module, allowing a guest to perform SQL injection via the MakeOffers::checkUserExistingOffer and...

9.8CVSS8.3AI score0.00636EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

iBarn Security Vulnerabilities

iBarn is an application by zhimengzhe personal developer. Provides file network backup, synchronization and sharing services. A security vulnerability exists in iBarn v1.5, which stems from a reflected cross-site scripting XSS vulnerability in the search parameter of the offer.php file...

5.4CVSS5.8AI score0.0046EPSS
Exploits0References3
Rows per page
Query Builder