Lucene search
K

7660 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/06 6:43 p.m.3 views

Malicious code in icon-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d88cf998d4140ce1ace5f472b26111b02c4363162678fe2e97c4e4e88008244 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References2
Fedora
Fedora
added 2022/07/04 1:35 a.m.19 views

[SECURITY] Fedora 36 Update: golang-github-cpu-goacmedns-0.1.1-5.fc36

A Go library to handle acme-dns client communication and persistent account storage...

9.3CVSS8.2AI score0.05994EPSS
Exploits4
Huntr
Huntr
added 2022/07/03 10:30 a.m.6 views

Multiple Stored XSS

✍️ Description The persistent or stored XSS vulnerability is a more devastating variant of a cross-site scripting flaw, it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular...

3.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/07/01 9:52 a.m.67 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update

The Migration Toolkit for Containers MTC 1.7.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.03304EPSS
Exploits2References30
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/30 9:31 a.m.5 views

Malicious code in personal-colors-kash (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 314d8e8e81281e1eb99614b0ba515986bf54f7afaccd18e2dcb8f641ae43b232 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2022/06/30 12:0 a.m.18 views

WordPress Plugin NewStatPress Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Plugin NewStatPress version 1.2.4 contains a cross-site scripting vulnerability that can be...

5.4CVSS2AI score0.00551EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/06/28 12:0 a.m.10 views

Stored Cross-Site Scripting (XSS)

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

5.5AI score
Exploits0References2
OSV
OSV
added 2022/06/27 7:15 p.m.1 views

CVE-2017-20098

A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting Persistent. It is possible to launch the attack remotely...

4.8CVSS4.5AI score0.00493EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/27 6:11 p.m.16 views

CVE-2017-20098 Admin Custom Login Plugin Persistent cross site scripting

A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting Persistent. It is possible to launch the attack remotely...

3.5CVSS5AI score0.00493EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/27 6:11 p.m.6 views

CVE-2017-20098 Admin Custom Login Plugin Persistent cross site scripting

A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting Persistent. It is possible to launch the attack remotely...

3.5CVSS6.4AI score0.00493EPSS
Exploits1References2
Prion
Prion
added 2022/06/26 1:15 p.m.19 views

Cross site scripting

Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs...

3.5CVSS5.2AI score0.00533EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/24 6:45 a.m.15 views

CVE-2017-20094 NewStatPress Plugin Persistent cross site scriting

A vulnerability, which was classified as problematic, has been found in NewStatPress Plugin 1.2.4. This issue affects some unknown processing. The manipulation leads to basic cross site scripting Persistent. The attack may be initiated remotely. Upgrading to version 1.2.5 is able to address this...

3.5CVSS5.3AI score0.00551EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/24 6:45 a.m.5 views

CVE-2017-20094 NewStatPress Plugin Persistent cross site scriting

A vulnerability, which was classified as problematic, has been found in NewStatPress Plugin 1.2.4. This issue affects some unknown processing. The manipulation leads to basic cross site scripting Persistent. The attack may be initiated remotely. Upgrading to version 1.2.5 is able to address this...

3.5CVSS6.3AI score0.00551EPSS
Exploits1References2
OSV
OSV
added 2022/06/21 12:0 a.m.15 views

GHSA-7F7G-8Q3X-JPX9 Cross site scripting in Elefant CMS

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input leads to basic cross site scripting Persistent. The attack may be launched remotely...

5.4CVSS4.4AI score0.00474EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/06/21 12:0 a.m.26 views

Cross site scripting in Elefant CMS

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input leads to basic cross site scripting Persistent. The attack may be launched remotely...

5.4CVSS5.4AI score0.00474EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/06/21 12:0 a.m.22 views

Cross site scripting in Elefant CMS

A vulnerability classified as problematic was found in Elefant CMS 1.3.12-RC. Affected by this vulnerability is an unknown functionality of the component Version Comparison. The manipulation leads to basic cross site scripting Persistent. The attack can be launched remotely. Upgrading to version...

6.1CVSS6AI score0.00709EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/06/21 12:0 a.m.15 views

Cross site scripting in Elefant CMS

A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...

5.4CVSS5.4AI score0.00474EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/06/21 12:0 a.m.12 views

GHSA-4453-G295-24MH Cross site scripting in Elefant CMS

A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...

5.4CVSS4.4AI score0.00474EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 9:10 p.m.4 views

Malicious code in k-paste (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a6b12ef2387a7c507563af7c5478f0d551db852a6ecca091066addfac40414d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 9:9 p.m.3 views

Malicious code in dinesh-dev-nagajikkktest11223qa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 264ebd2de392e7bd4b34274a1240574d0e278d607f37c1b9a0d1bc6baf9456df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder