CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Gitee•added 2025/08/03 4:11 a.m.•78 views

powertools

PowerTools Is Now Deprecated! PowerView and PowerUp have moved to the PowerSploit repository under ./Recon/ and ./Privesc/ respectively. PowerPick will move repository locations shortly back to its original home. PewPewPew is no longer supported. No pull requests will be accepted and no issues wi...

7.4AI score

Gitee•added 2025/07/27 4:55 a.m.•135 views

PowerTools

7.4AI score

RedhatCVE•added 2025/05/23 2:59 a.m.•3 views

CVE-2023-1472

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions...

6.3CVSS5.4AI score0.0007EPSS

RedhatCVE•added 2025/05/23 2:59 a.m.•3 views

CVE-2023-1335

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS5.2AI score0.00175EPSS

RedhatCVE•added 2025/05/23 2:58 a.m.•4 views

CVE-2023-1334

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the queueposts function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS5.1AI score0.00175EPSS

RedhatCVE•added 2025/05/23 2:32 a.m.•3 views

CVE-2023-1338

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized cache modification due to a missing capability check on the attachrule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...

4.3CVSS5.1AI score0.00175EPSS

OSV•added 2025/02/26 7:1 a.m.•2 views

DEBIAN-CVE-2022-49454

In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtkpciesubsyspowerup The offindcompatiblenode function returns a node pointer with refcount incremented, We should use ofnodeput on it when done Add the missing ofnodeput to release the refcoun...

5.5CVSS5.3AI score0.00133EPSS

Vulnrichment•added 2025/02/26 2:13 a.m.•1 views

CVE-2022-49454 PCI: mediatek: Fix refcount leak in mtk_pcie_subsys_powerup()

6AI score0.00133EPSS

Exploits0References4

Positive Technologies•added 2025/02/26 12:0 a.m.•3 views

PT-2025-8388 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak was found in the mtk pcie subsys powerup function. The of find compatible node function returns a node pointer with refcount incremented. To fix this issue, the missing...

5.5CVSS6.7AI score0.00133EPSS

Exploits0References13

Talos Blog•added 2024/09/05 4:26 p.m.•7 views

Watch our new documentary, "The Light We Keep: A Project PowerUp Story"

You may have already read about the incredible story of Project PowerUp - how we worked with a multi-company, multi-national team to find a way to keep the lights on in Ukraine in the face of electronic warfare. Today, we are releasing a short documentary on how this story came to be, while...

7.2AI score

Talos Blog•added 2023/12/11 10:48 a.m.•13 views

Video: Talos 2023 Year in Review highlights

In this video, experts from across Cisco Talos came together to discuss the 2023 Talos Year in Review. We chat about whats new, whats stayed the same, and how the geopolitical environment has affected the threat landscape. This video was recorded live on social media: Read the 2023 Cisco Talos Ye...

7.2AI score

ATTACKERKB•added 2023/03/17 3:15 p.m.•1 views

CVE-2023-1472

6.3CVSS7.1AI score0.0007EPSS

OSV•added 2023/03/10 8:15 p.m.•2 views

CVE-2023-1342

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the ucssconnect function. This makes it possible for unauthenticated attackers to connect the si...

4.3CVSS6.5AI score0.00065EPSS

Exploits0References2

ATTACKERKB•added 2023/03/10 8:15 p.m.•0 views

CVE-2023-1335

4.3CVSS6.6AI score0.00175EPSS

ATTACKERKB•added 2023/03/10 8:15 p.m.•0 views

CVE-2023-1343

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on the attachrule function. This makes it possible for unauthenticated attackers to modify the...

4.3CVSS6.6AI score0.00065EPSS

ATTACKERKB•added 2023/03/10 8:15 p.m.•0 views

CVE-2023-1334

4.3CVSS6.6AI score0.00175EPSS

CNNVD•added 2023/03/10 12:0 a.m.•3 views

WordPress plugin RapidLoad Power-Up for Autoptimize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...

4.3CVSS6.2AI score0.00065EPSS