Lucene search
K

19 matches found

CVE
CVE
added 2026/06/26 2:52 p.m.16 views

CVE-2026-54847

The CVE-2026-54847 entry concerns the WordPress plugin “Stylish Cost Calculator” (versions

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 3:31 p.m.34 views

CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...

8.6CVSS0.00482EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/05 5:54 a.m.6 views

CVE-2026-28104 WordPress Site Suggest plugin <= 1.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through = 1.3.9...

5.9AI score0.00242EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004297 advisory. In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka...

6.8CVSS6.6AI score0.00504EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003671 advisory. A memory leak in the sofdfsentrywrite function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory...

7.8CVSS6.9AI score0.03307EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/01/14 6:40 a.m.3 views

CVE-2025-15475 PayHere Payment Gateway Plugin for WooCommerce <= 2.3.9 - Missing Authorization to Unauthenticated Order Status Modification

The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the checkpayhereresponse function in all versions up to, and including, 2.3.9. This makes it possible for unauthenticated attackers to...

5.3CVSS5.6AI score0.00225EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/03 10:4 p.m.6 views

CVE-2025-64119

A vulnerability in Nuvation Battery Management System allows Authentication Bypass.This issue affects Battery Management System: through 2.3.9...

9.3CVSS6.6AI score0.0036EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:30 a.m.6 views

EUVD-2025-204069

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...

7.5CVSS6.4AI score0.00303EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:22 a.m.18 views

CVE-2025-64258

CVE-2025-64258 concerns the WordPress plugin Follow My Blog Post (versions

7.5CVSS6.5AI score0.00303EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30558

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30573

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00159EPSS
Exploits0References2
CVE
CVE
added 2025/09/26 8:31 a.m.17 views

CVE-2025-60161

CVE-2025-60161: ZoloBlocks (ZoloBlocks plugin)

5.4CVSS5.9AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:23 p.m.10 views

CVE-2025-58230 WordPress ZoloBlocks plugin <= 2.3.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes ZoloBlocks zoloblocks allows DOM-Based XSS.This issue affects ZoloBlocks: from n/a through = 2.3.12...

6.5CVSS0.00196EPSS
Exploits0References1
OSV
OSV
added 2024/06/14 2:15 a.m.3 views

CVE-2023-51516

Missing Authorization vulnerability in Business Directory Team Business Directory Plugin.This issue affects Business Directory Plugin: from n/a through 6.3.9...

5.4CVSS5.8AI score0.00314EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/22 12:59 p.m.4 views

WordPress BizPrint plugin <= 4.3.39 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin BizPrint versions = 4.3.39...

7.5CVSS7AI score0.00423EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-6004 · Adobe · Campaign

Name of the Vulnerable Software and Affected Versions: Adobe Campaign versions 7.3.1 and earlier Adobe Campaign versions 8.3.9 and earlier Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability that could lead to arbitrary file system read. A low-privilege...

6.8CVSS6.7AI score0.01364EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/02/14 12:0 a.m.3 views

snipe-it 安全漏洞

Snipe-IT is an open source IT asset/license management system. security vulnerability exists in Packagist snipe/snipe-it versions prior to 5.3.9, which stems from improper privilege management. No details of the vulnerability are currently available...

6.5CVSS5.6AI score0.01033EPSS
Exploits1References3
CNVD
CNVD
added 2019/02/12 12:0 a.m.5 views

Cisco Meeting Server Denial of Service Vulnerability (CNVD-2019-16513)

Cisco Meeting Server formerly known as Acano Conferencing Server, CMS is the United States Cisco Cisco company's set of audio and video conferencing server software. A denial of service vulnerability exists in Session Initiation Protocol SIP call processing in Cisco Meeting Server CMS versions...

7.5CVSS6.8AI score0.0182EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2008/11/21 12:0 a.m.2 views

PT-2008-1076 · Apple +1 · Cups +1

Name of the Vulnerable Software and Affected Versions: CUPS versions 1.3.9 and earlier cups-devel version 1.2.4 cups-libs version 1.2.4 cups-lpd version 1.2.4 cups version 1.2.4 Description: The issue allows local users, and possibly remote attackers, to cause a denial of service by adding a larg...

10CVSS7.2AI score0.0921EPSS
Exploits1References38
Rows per page
Query Builder