
8338 matches found

vulnersOsv
added 2025/07/16 12:30 p.m. · 7 views

org.glassfish.main.admingui:console-cluster-plugin (>=3.1.2 <=7.0.25), org.glassfish.main.admingui:console-commandrecorder-plugin (>=7.0.16 <=7.0.25) +15 more potentially affected by CVE-2024-10031 via org.glassfish.main.admingui:console-common (>=3.1.2 <=7.0.25)

org.glassfish.main.admingui:console-common MAVEN version =3.1.2, =3.1.2, =7.0.16, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =4.0, =3.1.2, =4.0, =3.1.2, =4.0, =4.0, =6.2.5, =4.1, =7.0.25 and more Source cves: CVE-2024-10031 Source advisory: OSV:GHSA-HP97-5X6G-Q538...

CVSS 5.8 · AI score 5.8 · EPSS 0.00161
Exploits: 0

Patchstack
added 2025/07/16 11:40 a.m. · 6 views

WordPress Webba Booking <= 5.1.20 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Webba Booking versions <= 5.1.20...

CVSS 6.5 · AI score 6.7 · EPSS 0.00333
Exploits: 0 · Affected Software: 1

NVD
added 2025/07/16 11:15 a.m. · 7 views

CVE-2025-54039

Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator scroll-triggered-animations allows Cross Site Request Forgery. This issue affects Animator: from n/a through <= 3.0.16...

CVSS 4.3 · EPSS 0.00128
Exploits: 0 · References: 1

Vulnrichment
added 2025/07/16 10:36 a.m. · 2 views

CVE-2025-54039 WordPress Animator plugin <= 3.0.16 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator scroll-triggered-animations allows Cross Site Request Forgery. This issue affects Animator: from n/a through <= 3.0.16...

CVSS 4.3 · AI score 5.1 · EPSS 0.00128
Exploits: 0 · References: 1

Positive Technologies
added 2025/07/16 12:0 a.m. · 4 views

PT-2025-29761 · WordPress · Toast Plugins Animator

Name of the Vulnerable Software and Affected Versions: Toast Plugins Animator versions n/a through 3.0.16 Description: A Cross-Site Request Forgery (CSRF) issue exists in Toast Plugins Animator. This allows attackers to perform actions on behalf of unsuspecting users. Recommendations: Update Toast...

CVSS 4.3 · AI score 6.5 · EPSS 0.00128
Exploits: 0 · References: 3

OpenVAS
added 2025/07/16 12:0 a.m. · 3 views

openSUSE Security Advisory (SUSE-SU-2025:02302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.6 · AI score 6.4 · EPSS 0.00428
Exploits: 3 · References: 6

OpenVAS
added 2025/07/16 12:0 a.m. · 4 views

SUSE: Security Advisory (SUSE-SU-2025:02302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.6 · AI score 6.4 · EPSS 0.00428
Exploits: 3 · References: 6

Tenable Nessus
added 2025/07/15 12:0 a.m. · 6 views

SUSE SLED15: gstreamer-plugins-base / gstreamer-plugins-base-32bit / etc (SUSE-SU-2025:02302-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02302-1 advisory. - CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. -...

CVSS 5.6 · AI score 7.1 · EPSS 0.00428
Exploits: 3 · References: 10

Broadcom
added 2025/07/15 12:0 a.m. · 14 views

Improper Privilege Management vulnerability in Apache Kafka Client

Apache Kafka Clients are vulnerable to improper privilege management due to the use of ConfigProvider plugins that can read from disk or environment variables. This could allow an attacker to read arbitrary contents of the disk and environment variables, potentially escalating from REST API acces...

CVSS 6.5 · AI score 6.9 · EPSS 0.01129
Exploits: 0

Tenable Nessus
added 2025/07/15 12:0 a.m. · 5 views

SUSE SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2025:02303-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02303-1 advisory. - CVE-2025-47183: Fixed out-of-bounds read when parsing mvhd box bsc1244406. Tenable has extracted the preceding description block directly from the...

CVSS 6.6 · AI score 5.5 · EPSS 0.00187
Exploits: 1 · References: 4

RedHat Linux
added 2025/07/14 7:46 p.m. · 3 views

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.5.3 release.

Red Hat Developer Hub 1.5.3 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVSS 8.8 · AI score 6.6 · EPSS 0.01479
Exploits: 4 · References: 8

OSV
added 2025/07/14 10:51 a.m. · 2 views

SUSE-SU-2025:02304-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. - CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. - CVE-2025-47806: Fixed stack buffer overflow in SubRi...

CVSS 5.6 · AI score 6 · EPSS 0.00428
Exploits: 3 · References: 7

SUSE Linux
added 2025/07/14 10:51 a.m. · 2 views

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47806: Fixed stack buffer overflow in SubRip...

CVSS 5.5 · AI score 7.9 · EPSS 0.00428
Exploits: 3 · References: 12

SUSE Linux
added 2025/07/14 10:50 a.m. · 4 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2025-47183: Fixed out-of-bounds read when parsing mvhd box bsc1244406. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

CVSS 6.6 · AI score 7.3 · EPSS 0.00187
Exploits: 1 · References: 4

OSV
added 2025/07/14 10:50 a.m. · 2 views

SUSE-SU-2025:02303-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: - CVE-2025-47183: Fixed out-of-bounds read when parsing mvhd box bsc1244406...

CVSS 6.6 · AI score 7.1 · EPSS 0.00187
Exploits: 1 · References: 3

SUSE Linux
added 2025/07/14 10:50 a.m. · 2 views

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47806: Fixed stack buffer overflow in SubRip...

CVSS 5.5 · AI score 7.2 · EPSS 0.00428
Exploits: 3 · References: 12

OSV
added 2025/07/14 10:50 a.m. · 5 views

SUSE-SU-2025:02302-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. - CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. - CVE-2025-47806: Fixed stack buffer overflow in SubRi...

CVSS 5.6 · AI score 7.5 · EPSS 0.00428
Exploits: 3 · References: 7

Tenable Nessus
added 2025/07/10 12:0 a.m. · 48 views

Jenkins plugins Multiple Vulnerabilities (2025-07-09)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller,...

CVSS 8.2 · AI score 6 · EPSS 0.00618
Exploits: 1 · References: 32

vulnersOsv
added 2025/07/09 6:30 p.m. · 7 views

au.com.versent.jenkins.plugins:ignore-committer-strategy (>=29.v7c3891a_434c3 <=57.v0756db_b_f6926), com.amazon.jenkins.fleet:ec2-fleet (>=1.0 <=4.2.1.515.v100267825939) +109 more potentially affected by CVE-2025-53650 via org.jenkins-ci.plugins:credentials-binding (>=1.10 <=687.v619cb_15e923f)

org.jenkins-ci.plugins:credentials-binding MAVEN version =1.10, =29.v7c3891a434c3, =1.0, =1.6, =1.4, =1.41.0, =377.vc87a13718939, =57.vde5161ec7aba, =0.17, =60.vce1b19770361, =1.0.43, =1.0.0, =1.27.25 and more Source cves: CVE-2025-53650 Source advisory: OSV:GHSA-9768-HPRV-CRJ5...

CVSS 7.3 · AI score 5.4 · EPSS 0.00321
Exploits: 0

RedhatCVE
added 2025/07/05 1:21 p.m. · 11 views

CVE-2025-2537

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library version 3.1 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVSS 6.4 · AI score 5.6 · EPSS 0.00225
Exploits: 0 · References: 1