Lucene search
K

22 matches found

EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36941

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

4.4CVSS5.2AI score0.00337EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/14 3:24 a.m.38 views

CVE-2026-1948 NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_license

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatelicense function in all versions up to, and including, 9.1.9. This makes it possible for authenticated attackers, with...

4.3CVSS0.00212EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.12 views

PT-2026-23239

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Starto starto allows Reflected XSS.This issue affects Starto: from n/a through = 2.1.9...

5.9AI score0.00191EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/23 2:28 p.m.40 views

CVE-2026-24528 WordPress Nova Blocks plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...

6.5CVSS0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

WordPress plugin Nova Blocks has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

EspoCRM 跨站请求伪造漏洞

EspoCRM is an open source web-based customer relationship management CRM system from EspoCRM Open Source. The system provides features such as sales automation, community and customer support. A cross-site request forgery vulnerability exists in EspoCRM versions prior to 9.1.9, which stems from...

5.4CVSS6.9AI score0.0013EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.4 views

UAB Paytend App 安全漏洞

UAB Paytend App is a banking mobile application from UAB Paytend. A security vulnerability exists in UAB Paytend App version 2.1.9 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...

5.3CVSS5.2AI score0.00122EPSS
Exploits0References6
Fedora
Fedora
added 2025/06/11 2:46 a.m.9 views

[SECURITY] Fedora 42 Update: fcitx5-qt-5.1.9-7.fc42

Qt library and IM module for fcitx5...

8.4CVSS7.4AI score0.00309EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:15 a.m.7 views

CVE-2018-17423

An issue was discovered in e107 v2.1.9. There is a XSS attack on e107admin/comment.php...

4.8CVSS6AI score0.00739EPSS
Exploits1References1
OSV
OSV
added 2024/08/16 2:15 p.m.6 views

CVE-2024-42466

Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9...

9.8CVSS5.8AI score0.00652EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/16 12:0 a.m.4 views

upKeeper 安全漏洞

upKeeper is a cloud-based or local solution from upKeeper, Inc. A security vulnerability exists in upKeeper version 5.1.9 and earlier, which stems from the presence of an authorization bypass via user control key vulnerability that allows the use of REST trust in system resources to gain access t...

7.6CVSS6.6AI score0.00312EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/27 12:0 a.m.5 views

PT-2023-30655 · Unknown · Com.Yunyi.Smartcamera

Name of the Vulnerable Software and Affected Versions: com.yunyi.smartcamera application through 4.1.9 20231127 for Android Description: The issue allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...

7.1CVSS7.2AI score0.00478EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.5 views

zzzCMS Code Issues Vulnerabilities

ZZZCMS is a content management system CMS. A security vulnerability exists in zzzCMS version v.2.1.9, which originates from a vulnerability that allows remote attackers to execute arbitrary code via the downurl function in the zzzz.php file...

7.8CVSS7.8AI score0.00898EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/02/13 12:0 a.m.2 views

PT-2023-34991 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.9 Description: The issue is related to a potential security vulnerability in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.3AI score
Exploits0References1
OSV
OSV
added 2022/05/13 1:11 a.m.1 views

GHSA-66PQ-HQV5-228G Smack allows the bypass of TLS protections

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response...

5.9CVSS6.7AI score0.01519EPSS
Exploits0References9
OSV
OSV
added 2022/01/12 6:15 p.m.7 views

CVE-2022-0015

A local privilege escalation PE vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1...

7.8CVSS7.2AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/04 12:0 a.m.8 views

WordPress Media File Renamer - Auto & Manual Rename 插件跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site request forgery vulnerability...

5.4CVSS5AI score0.00423EPSS
Exploits1References2
OSV
OSV
added 2021/01/21 6:35 a.m.5 views

SUSE-SU-2021:0182-1 Security update for yast2-multipath

This update for yast2-multipath to version 3.1.9 fixes the following issues: Security issue fixed: - CVE-2018-17955: Use random file name instead of static names bsc1117592. Non-security issue fixed: - Removed calls to /sbin/insserv bsc1026027...

5.5CVSS5.6AI score0.00309EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/12/18 12:0 a.m.5 views

PT-2019-15975 · Tautulli · Tautulli

Name of the Vulnerable Software and Affected Versions: Tautulli version 2.1.9 Description: The issue allows an attacker to shut down a remote media server due to a CSRF vulnerability in the "/shutdown" API endpoint. Additionally, anonymous access can be achieved in applications lacking a user log...

6.5CVSS6.3AI score0.14706EPSS
Exploits9References6
OSV
OSV
added 2019/08/26 7:15 p.m.0 views

CVE-2019-7975

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution...

9.8CVSS7.5AI score
Exploits0References1
Rows per page
Query Builder