Lucene search
+L

417 matches found

CVE
CVE
added 2025/09/22 6:22 p.m.15 views

CVE-2025-58686

CVE-2025-58686 : An authenticated SQL Injection in Perfect Brands for WooCommerce (WordPress plugin) allows exploitation via improper neutralization of SQL elements in the plugin’s queries. Affected: Perfect Brands for WooCommerce up to 3.6.x (reported as 3.6.0 in the initial doc, with later conn...

8.5CVSS5.9AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:22 p.m.12 views

CVE-2025-58686 WordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in quadlayers Perfect Brands for WooCommerce perfect-woocommerce-brands allows SQL Injection.This issue affects Perfect Brands for WooCommerce: from n/a through = 3.6.2...

8.5CVSS0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:22 p.m.4 views

CVE-2025-58686 WordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in quadlayers Perfect Brands for WooCommerce perfect-woocommerce-brands allows SQL Injection.This issue affects Perfect Brands for WooCommerce: from n/a through = 3.6.2...

8.5CVSS5.9AI score0.00243EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.4 views

WordPress plugin Perfect Brands for WooCommerce SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

8.5CVSS7.5AI score0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.5 views

PT-2025-38974

Name of the Vulnerable Software and Affected Versions Perfect Brands for WooCommerce versions through 3.6.0 Description A flaw exists in Perfect Brands for WooCommerce that allows for SQL Injection. This occurs due to improper neutralization of special elements within SQL commands. The issue...

8.5CVSS7.2AI score0.00243EPSS
Exploits0References4
Snyk
Snyk
added 2025/09/15 7:39 a.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Gitee
Gitee
added 2025/09/07 1:22 a.m.122 views

sslscan

This is a tool for scanning SSL/TLS protocols and ciphers on a target server. The tool is called sslscan and is written in C. It is designed to be a command-line interface for scanning SSL/TLS protocols and ciphers on a target server. The tool can be built on various platforms, including Linux an...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.3 views

Malicious code in perfect-before-found (npm)

The package perfect-before-found was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.2 views

Malicious code in pencil-perfect-baseball (npm)

The package pencil-perfect-baseball was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.1 views

MAL-2025-45539 Malicious code in perfect-before-found (npm)

The package perfect-before-found was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.3 views

MAL-2025-45535 Malicious code in pencil-perfect-baseball (npm)

The package pencil-perfect-baseball was found to contain malicious code...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/13 12:0 a.m.2 views

Perfect Message Authentication Codes Are Robust to Small Deviations from Uniform Key Distributions

We investigate the impact of possible deviations of the probability distribution of key values from a uniform distribution for the information-theoretic strong, or perfect, message authentication code. We found a simple expression for the decrease in security as a function of the statistical...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.5 views

Active Attack Resilience in 5G: a New Take on Authentication and Key Agreement

As 5G networks expand into critical infrastructure, secure and efficient user authentication is more important than ever. The 5G-AKA protocol, standardized by 3GPP in TS 33.501, is central to authentication in current 5G deployments. It provides mutual authentication, user privacy, and key secrec...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/13 7:21 a.m.8 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS6.1AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2025/06/11 7:15 a.m.8 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS0.00185EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/11 6:55 a.m.5 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS6.9AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/11 6:55 a.m.23 views

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 All versions = V8.0 V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025. The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an...

6.1CVSS0.00185EPSS
Exploits0References2
CVE
CVE
added 2025/06/11 6:55 a.m.50 views

CVE-2024-35295

CVE-2024-35295 affects Perfect Harmony GH180 versions V8.0–V8.3.3 with the NXGPro+ controller (manufactured 2020–2025). The maintenance connection fails to protect access to the device configuration, enabling a physically proximate attacker with access to the maintenance port to perform arbitrary...

6.1CVSS6.1AI score0.00185EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.7 views

PT-2025-25183 · Unknown · Perfect Harmony Gh180

Name of the Vulnerable Software and Affected Versions: Perfect Harmony GH180 versions V8.0 through V8.3.3 Description: A security issue has been identified where the maintenance connection of affected devices does not protect access to the device's control unit configuration. This could allow an...

6.1CVSS6.5AI score0.00185EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.6 views

On the Impossibility of a Perfect Hypervisor

We establish a fundamental impossibility result for a perfect hypervisor', one that 1 preserves every observable behavior of any program exactly as on bare metal and 2 adds zero timing or resource overhead. Within this model we prove two theorems. 1 Indetectability Theorem. If such a hypervisor...

6.8AI score
Exploits0
Rows per page
Query Builder