Lucene search
K

148 matches found

CVE
CVE
added 2026/06/17 11:53 a.m.37 views

CVE-2024-32729

CVE-2024-32729 concerns WordPress ChatBot Conversational Forms (QuantumCloud Conversational Forms for ChatBot)

7.5CVSS5.2AI score0.0043EPSS
Exploits0References1
CVE
CVE
added 2025/06/26 8:59 p.m.42 views

CVE-2014-6274

git-annex vulnerability CVE-2014-6274: when using S3/Glacier remotes with embedcreds=yes and encryption=pubkey or encryption=hybrid, AWS credentials were stored in the repository in plaintext rather than encrypted. Affected range: 3.20121126 through 5.20140919. Impact: anyone with a copy of the r...

7.5CVSS6.4AI score0.00153EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/05/15 8:9 p.m.53 views

CVE-2024-2643

CVE-2024-2643 affects the WordPress plugin My Sticky Bar prior to version 2.6.8. The issue is a failure to sanitize/escape certain settings, enabling stored cross-site scripting (Stored XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, such as in multisite setup...

4.8CVSS5.4AI score0.00315EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2025/03/24 3:37 p.m.77 views

CVE-2021-26091

CVE-2021-26091 concerns FortiMail Identity Based Encryption (IBE) authentication. The connected documents confirm a cryptographically weak PRNG used in the FortiMail authenticator, affecting FortiMail versions 6.4.0–6.4.4 and 6.2.0–6.2.7. The weakness may allow an unauthenticated attacker to infe...

7.5CVSS7.2AI score0.00294EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/03/21 4:2 p.m.93 views

CVE-2019-16151

Fortinet FortiOS 6.4.1 and below and FortiOS 6.2.9 and below are affected by an improper neutralization of input during web page generation (CWE-79). A remote unauthenticated attacker can exploit a crafted Host header to redirect users to malicious sites or to execute JavaScript in the victim’s b...

6.1CVSS5.1AI score0.00356EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/01/30 11:45 p.m.149 views

CVE-2024-1211

CVE-2024-1211 is a CSRF vulnerability in GitLab CE/EE that affects all versions from 10.6 up to 16.9.7, from 16.10 up to 16.10.5, and from 16.11 up to 16.11.2, occurring when GitLab is configured to use JWT as an OmniAuth provider. The connected sources consistently describe a cross-site request ...

8.8CVSS6.3AI score0.00255EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/01/28 4:51 p.m.58 views

CVE-2017-13318

CVE-2017-13318 affects HeifDataSource::readAt in HeifDecoderImpl.cpp, where an integer overflow can cause an out-of-bounds read leading to information disclosure. Exploitation requires user interaction and the attacker must be able to trigger the affected code path (AV: Adjacent, UI: Required). R...

5.7CVSS6.3AI score0.00131EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/01/28 4:50 p.m.58 views

CVE-2017-13317

CVE-2017-13317 involves a possible out-of-bounds read in HeifDecoderImpl::getScanline (HeifDecoderImpl.cpp) due to improper input validation. The issue could lead to remote information disclosure with no additional execution privileges required; exploitation requires user interaction. Connected s...

5.7CVSS6.3AI score0.00131EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/01/17 11:13 p.m.663 views

CVE-2018-9461

The CVE-2018-9461 entry describes a race-condition vulnerability in the ShareIntentActivity.java on Android, enabling an app to read files in the Messages app and leading to local privilege escalation without extra execution privileges or user interaction. Several sources (NVD, Red Hat, CVE lists...

7CVSS8.1AI score0.00076EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/01/02 12:0 p.m.81 views

CVE-2023-46608

CVE-2023-46608 affects the DoLogin Security WordPress plugin ( 3.7.1 (fixed in 3.8). The available connected sources corroborate the nature (Missing Authorization) and the affected versions, and indicate patch availability in 3.8. No exploitation details are provided in the supplied documents bey...

5.3CVSS7.3AI score0.00378EPSS
Exploits0References1
CVE
CVE
added 2025/01/02 11:59 a.m.72 views

CVE-2023-45760

CVE-2023-45760: wpDiscuz

8.8CVSS7.3AI score0.004EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/28 7:16 a.m.94 views

CVE-2023-52718

CVE-2023-52718 refers to a connection hijacking vulnerability affecting some Huawei home routers (e.g., WS8700 and other models). The issue is linked to insufficient input validation in Huawei’s firmware, enabling an attacker with adjacent access to cause Denial of Service or information leakage....

8.1CVSS6.7AI score0.0015EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/28 7:0 a.m.106 views

CVE-2023-7266

Huawei CVE-2023-7266 concerns a connection hijacking vulnerability affecting some Huawei home routers. Connected docs identify affected products as Huawei TC7001-10, WS7200-10, and WS7206-10 (and related models in Huawei materials). The root cause is described as a session handling flaw that enab...

8.1CVSS6.7AI score0.00269EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/28 6:21 a.m.67 views

CVE-2020-1822

CVE-2020-1822 corresponds to Huawei COPS protocol implementations with multiple OOB read vulnerabilities in the decoding function when processing incoming data packets. The issue can disrupt service on affected devices. The connected Red Hat CVE records confirm the same family (CVE-2020-1818…1824...

5.3CVSS4.5AI score0.00249EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/27 10:5 a.m.64 views

CVE-2020-1819

Huawei devices implementing the Common Open Policy Service (COPS) protocol are affected by multiple OOB read vulnerabilities in the COPS decoding function. The issue can lead to service disruption when processing certain data packets. The CVE family includes CVE-2020-1818 through CVE-2020-1824, i...

5.3CVSS4.6AI score0.00249EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/27 10:2 a.m.92 views

CVE-2020-1818

The connected Red Hat/Huawei entries describe CVE-2020-1818 (and related CVEs 2020-1819 to 1824) as multiple out-of-bounds read vulnerabilities in Huawei devices' Common Open Policy Service (COPS) protocol implementation. The root cause is an out-of-bounds read in the decoding function when proce...

5.3CVSS4.6AI score0.00249EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/27 9:50 a.m.62 views

CVE-2020-9222

CVE-2020-9222 affects Huawei FusionCompute. The vulnerability is a privilege-escalation issue caused by insufficient verification of specific files during deserialization, enabling local attackers to elevate permissions. Affected product/component: Huawei FusionCompute; root cause: improper deser...

7.8CVSS7AI score0.00111EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/27 9:46 a.m.71 views

CVE-2020-9210

CVE-2020-9210 affects Huawei Myna devices with an insufficient integrity check in a module, enabling attackers to install malware via a physical scenario and potentially disrupt normal service. The root cause is a lack of adequate integrity verification in a specific workflow (HWPSIRT-2020-00145)...

6.8CVSS6.6AI score0.00146EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/19 1:56 p.m.86 views

CVE-2021-26102

CVE-2021-26102 describes a relative path traversal (CWE-23) in FortiWAN. FortiWAN versions 4.5.7 and earlier (including all 4.4.x) may allow a remote, unauthenticated attacker to delete files on the system by sending a crafted POST request. In particular, deletion of specific configuration files ...

9.8CVSS9.4AI score0.16364EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/18 11:39 p.m.70 views

CVE-2021-20553

CVE-2021-20553 affects IBM Sterling B2B Integrator Standard Edition (versions 5.2.0.0 through 6.1.1.0). The issue is a cross-site scripting vulnerability in the Web UI that lets an attacker embed arbitrary JavaScript, potentially altering functionality and disclosing credentials within a trusted ...

5.4CVSS5.2AI score0.00257EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder