Lucene search
K

8338 matches found

Ubuntu
Ubuntu
added 2025/08/26 1:11 p.m.3 views

USN-7716-1: GStreamer Base Plugins vulnerabilities

Shaun Mirani discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.6CVSS8.2AI score0.00428EPSS
Exploits3
OSV
OSV
added 2025/08/26 1:11 p.m.3 views

USN-7716-1 gst-plugins-base1.0 vulnerabilities

Shaun Mirani discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.6CVSS7.1AI score0.00428EPSS
Exploits3References4
Packet Storm News
Packet Storm News
added 2025/08/25 12:0 a.m.5 views

WhatWeb Scanner 0.6.2

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-5846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gstasfdemuxprocessextstreamprops function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a...

5.5CVSS6.1AI score0.02031EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-11065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used...

5.9CVSS6.7AI score0.01366EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-5847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gstasfdemuxprocessextcontentdesc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of servic...

7.5CVSS6.1AI score0.03734EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-10026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI...

7.5CVSS6.9AI score0.02129EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/23 7:28 a.m.4 views

CVE-2025-36530

Mattermost versions 10.9.x = 10.9.1, 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

6.8CVSS7.1AI score0.00461EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.3 views

CVE-2025-54007

Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Object Injection.This issue affects Post Grid and Gutenberg Blocks: from n/a through = 2.3.11...

8.8CVSS5.9AI score0.00392EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/08/21 2:53 p.m.5 views

@hpcc-js/esbuild-plugins (>=1.4.2 <=1.4.9), @yangzw/bruce-app (>=1.3.7 <=1.3.8) +1 more potentially affected by CVE-2025-57753 via vite-plugin-static-copy (>=3.0.0 <=3.1.1)

vite-plugin-static-copy NPM version =3.0.0, =1.4.2, =1.3.7, =1.3.8 - auto-reveal =0.7.0 Source cves: CVE-2025-57753 Source advisory: SNYK:JS-VITEPLUGINSTATICCOPY-12179280...

6CVSS5.8AI score0.00394EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/21 2:53 p.m.5 views

@hpcc-js/esbuild-plugins (>=1.4.2 <=1.4.9), @yangzw/bruce-app (>=1.3.7 <=1.3.8) +1 more potentially affected by CVE-2025-57753 via vite-plugin-static-copy (>=3.0.0 <=3.1.1)

vite-plugin-static-copy NPM version =3.0.0, =1.4.2, =1.3.7, =1.3.8 - auto-reveal =0.7.0 Source cves: CVE-2025-57753 Source advisory: OSV:GHSA-PP7P-Q8FX-2968...

6CVSS5.8AI score0.00394EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/08/21 2:13 p.m.19 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 11, 2025 to August 17, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through September 4, 2025, earn 2X bounty rewards forall in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

9.9CVSS8.8AI score0.37349EPSS
Exploits12
OSV
OSV
added 2025/08/21 9:30 a.m.5 views

GHSA-GQ3R-5833-5532 Mattermost Fails to Validate File Paths

Mattermost versions 10.9.x = 10.9.1, 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

6.8CVSS7AI score0.00461EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/08/21 9:30 a.m.9 views

Mattermost Fails to Validate File Paths

Mattermost versions 10.9.x = 10.9.1, 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

6.8CVSS7AI score0.00461EPSS
Exploits0References4Affected Software4
NVD
NVD
added 2025/08/21 7:15 a.m.7 views

CVE-2025-36530

Mattermost versions 10.9.x = 10.9.1, 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

6.8CVSS0.00461EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/21 7:11 a.m.7 views

CVE-2025-36530 Import Path Traversal Enables Unauthorized Unsigned Plugin Installation

Mattermost versions 10.9.x = 10.9.1, 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

6.8CVSS0.00461EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/21 7:11 a.m.4 views

CVE-2025-36530 Import Path Traversal Enables Unauthorized Unsigned Plugin Installation

Mattermost versions 10.9.x = 10.9.1, 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

6.8CVSS7AI score0.00461EPSS
Exploits0References1
CVE
CVE
added 2025/08/21 7:11 a.m.31 views

CVE-2025-36530

Mattermost contains a path traversal vulnerability in the plugin import flow (affecting 9.11.x up to 9.11.17, 10.5.x up to 10.5.8, 10.8.x up to 10.8.3, 10.9.x up to 10.9.1). The root cause is improper validation of file paths during plugin import, which allows restricted admin users to install un...

6.8CVSS7AI score0.00461EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.4 views

PT-2025-34194 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.5.x through 10.5.8 Mattermost versions 10.8.x through 10.8.3 Mattermost versions 10.9.x through 10.9.1 Mattermost versions 9.11.x through 9.11.17 Description: The Mattermost application does not properly validate file...

6.8CVSS7.1AI score0.00461EPSS
Exploits0References10
CNVD
CNVD
added 2025/08/20 12:0 a.m.1 views

Intel Device Plugins for Kubernetes Improper Access Control Vulnerability

Intel Device Plugins for Kubernetes is a set of frameworks and implementations developed by Intel for exposing hardware resources such as GPUs, FPGAs, etc. to container applications in a Kubernetes cluster. An improper access control vulnerability exists in Intel Device Plugins for Kubernetes,...

6.7CVSS6.8AI score0.00133EPSS
Exploits0References1
Rows per page
Query Builder