Lucene search
K

771 matches found

Vulnrichment
Vulnrichment
added 2025/10/01 7:44 a.m.1 views

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl-phydev writes with resolver Currently phylinkresolve protects itself against concurrent phylinkbringupphy or phylinkdisconnectphy calls which modify pl-phydev by relying on...

6.1AI score0.00102EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/30 8:56 p.m.20 views

CVE-2025-34211

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA and SaaS deployments contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname pl‑local.com and is used by the...

9.3CVSS6.5AI score0.00367EPSS
Exploits1References1
NVD
NVD
added 2025/09/29 9:15 p.m.8 views

CVE-2025-34211

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA and SaaS deployments contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname pl‑local.com and is used by the...

9.3CVSS0.00367EPSS
Exploits1References4
OSV
OSV
added 2025/09/29 9:15 p.m.5 views

CVE-2025-34211

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA and SaaS deployments contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname pl‑local.com and is used by the...

4.9CVSS5.7AI score0.00367EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/29 8:36 p.m.7 views

CVE-2025-34211 Vasion Print (formerly PrinterLogic) Hardcoded SSL Certificate and Private Keys

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA and SaaS deployments contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname pl‑local.com and is used by the...

9.3CVSS6.2AI score0.00367EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2025/09/29 8:36 p.m.8 views

CVE-2025-34211

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA and SaaS deployments contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname pl‑local.com and is used by the...

9.3CVSS5.8AI score0.00367EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/29 8:36 p.m.13 views

CVE-2025-34211 Vasion Print (formerly PrinterLogic) Hardcoded SSL Certificate and Private Keys

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA and SaaS deployments contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname pl‑local.com and is used by the...

9.3CVSS0.00367EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.7 views

PT-2025-39880

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1049 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2786 Description The Vasion Print Virtual Appliance Host and Application store a privat...

9.3CVSS6.4AI score0.00367EPSS
Exploits1References8
Redos
Redos
added 2025/08/27 12:0 a.m.4 views

ROS-20250827-02

A vulnerability in the command line utility for converting PDF documents QPDF is related to a heap buffer overflow in PlASCII85Decoder::write heap buffer overflow in PlASCII85Decoder::write. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS7.7AI score0.01272EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in @zalastax/nolb-nodebb-pl (npm)

The package @zalastax/nolb-nodebb-pl was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in git-pl (npm)

The package git-pl was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-13719 Malicious code in @zalastax/nolb-react-pl (npm)

The package @zalastax/nolb-react-pl was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in @zalastax/nolb-react-pl (npm)

The package @zalastax/nolb-react-pl was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-21457 Malicious code in git-pl (npm)

The package git-pl was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/29 2:26 p.m.6 views

CVE-2025-53329

Cross-Site Request Forgery CSRF vulnerability in szajenw Społecznościowa 6 PL 2013 spolecznosciowa-6-pl-2013 allows Stored XSS.This issue affects Społecznościowa 6 PL 2013: from n/a through = 2.0.6...

7.1CVSS5.9AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2025/06/27 2:15 p.m.6 views

CVE-2025-53329

Cross-Site Request Forgery CSRF vulnerability in szajenw Społecznościowa 6 PL 2013 spolecznosciowa-6-pl-2013 allows Stored XSS.This issue affects Społecznościowa 6 PL 2013: from n/a through = 2.0.6...

7.1CVSS0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 1:21 p.m.14 views

CVE-2025-53329 WordPress Społecznościowa 6 PL 2013 plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in szajenw Społecznościowa 6 PL 2013 spolecznosciowa-6-pl-2013 allows Stored XSS.This issue affects Społecznościowa 6 PL 2013: from n/a through = 2.0.6...

7.1CVSS0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.4 views

CVE-2023-22071

Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...

5.9CVSS5.4AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:34 p.m.6 views

CVE-2021-38157

LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS6.4AI score0.01119EPSS
Exploits1References1
OSV
OSV
added 2025/03/08 3:15 a.m.3 views

CVE-2025-1504

The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.0.2 via the 'plautocomplete' AJAX action due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Subscriber-level...

6.5CVSS7.3AI score
Exploits0References2
Rows per page
Query Builder