Lucene search
K

126 matches found

CVE
CVE
added 6 days ago13 views

CVE-2026-8800

CVE-2026-8800 concerns an Incorrect Authorization vulnerability in Progress MOVEit Transfer (Audit User module). Affected software is MOVEit Transfer; impact involves unauthorized access across confidentiality, integrity, and availability (CVSS v3.1 base score 8.8, HIGH). Affected versions are MO...

8.8CVSS5.9AI score0.00196EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 6 days ago4 views

WordPress picu plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by xwii in WordPress Plugin picu versions = 3.5.1...

7.1CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.15 views

PhpSpreadsheet 安全漏洞

PhpSpreadsheet is a PHP library developed by PHPOffice, designed for reading and writing spreadsheet files. Vulnerabilities exist in versions prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0 of PhpSpreadsheet. These vulnerabilities stem from the SpreadsheetML XML reader not verifying whether the...

7.5CVSS5.8AI score0.00395EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/06 9:53 p.m.33 views

CVE-2026-3291 Samsung Print Service Plugin – Potential Information Disclosure

Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

6.9CVSS0.00096EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.14 views

HP Samsung Print Service Plugin 安全漏洞

The HP Samsung Print Service Plugin is a mobile device printing service plugin developed by Hewlett-Packard HP in the United States. The HP Samsung Print Service Plugin has a security vulnerability, which stems from the use of outdated versions of the application and may lead to information leaks...

6.9CVSS5.8AI score0.00096EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

fastify/reply-from和fastify/http-proxy 安全漏洞

fastify/reply-from and fastify/http-proxy are both products from the Fastify open-source project. fastify/reply-from is a plugin designed to forward incoming HTTP requests to another server. fastify/http-proxy is a full-featured HTTP proxy plugin that supports proxying WebSocket connections and...

9CVSS5.8AI score0.00441EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/08 6:14 p.m.4 views

EUVD-2026-20563

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed i...

8.7CVSS5.9AI score0.00443EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 1:16 p.m.4 views

CVE-2025-55277

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

6.5CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 12:45 p.m.2 views

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

2.6CVSS5.8AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 12:45 p.m.24 views

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

2.6CVSS0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Fiorello 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.6 views

WordPress plugin YayCurrency 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:22 p.m.10 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS5AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2026/02/13 3:15 p.m.17 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS0.00126EPSS
Exploits0References1
CVE
CVE
added 2026/02/13 2:56 p.m.21 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting (XSS) when using an outdated version on mobile devices. The issue is being addressed with updates from HP. According to the provided CVE entry, the vulnerability is associated with an initial update path and a MEDIUM severity (C...

5.1CVSS5AI score0.00126EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/13 2:56 p.m.8 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS5AI score0.00126EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.15 views

HP App 安全漏洞

HP App is an integrated management tool developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP App, which stems from the use of outdated versions. This vulnerability may lead to cross-site scripting attacks...

5.1CVSS5.6AI score0.00126EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/11 1:5 p.m.6 views

CVE-2025-68493 Apache Struts, Apache Struts: XXE vulnerability in outdated XWork component

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue...

6.6AI score0.23054EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/11 1:5 p.m.22 views

CVE-2025-68493 Apache Struts, Apache Struts: XXE vulnerability in outdated XWork component

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue...

0.23054EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:59 a.m.10 views

CVE-2020-7213

Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallelsupdates.xml file on the http://update.parallels.com web site...

7.6CVSS7AI score0.01091EPSS
Exploits1References1
Rows per page
Query Builder