Lucene search
K

572 matches found

CNNVD
CNNVD
added 2025/04/25 12:0 a.m.5 views

WordPress plugin Prevent Direct Access 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.2AI score0.00246EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/25 12:0 a.m.4 views

WordPress plugin Prevent Direct Access 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

5.3CVSS5.9AI score0.00333EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/25 12:0 a.m.8 views

PT-2025-17883 · WordPress · Prevent Direct Access – Protect Wordpress Files

Name of the Vulnerable Software and Affected Versions: Prevent Direct Access – Protect WordPress Files plugin versions up to, and including, 2.8.8 Description: The issue allows unauthenticated attackers to extract sensitive data, including files protected by the plugin, due to insufficient...

5.3CVSS6AI score0.00333EPSS
Exploits0References9
CVE
CVE
added 2025/04/16 2:12 p.m.133 views

CVE-2025-22062

CVE-2025-22062 affects the Linux kernel SCTP component. The issue arises from missing mutual exclusion in proc_sctp_do_udp_port, risking a crash if calls to sctp_udp_sock_stop() and sctp_udp_sock_start() are serialized improperly. The vulnerability is tied to the SCTP protocol, with proof of impa...

5.5CVSS6.4AI score0.0023EPSS
Exploits0References8Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/04/09 7:0 a.m.2 views

io_uring: prevent opcode speculation

...

7.8CVSS7.4AI score0.00218EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-20394 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6681 B20230703 Description: The issue is an authenticated stack overflow that occurs via the ssid5g parameter in the setWiFiEasyGuestCfg function. This allows for potential exploitation. Recommendations: For...

9CVSS6.6AI score0.00582EPSS
Exploits1References9
NVD
NVD
added 2025/03/20 6:15 p.m.22 views

CVE-2025-29923

go-redis is the official Redis client library for the Go programming language. Prior to 9.5.5, 9.6.3, and 9.7.3, go-redis potentially responds out of order when CLIENT SETINFO times out during connection establishment. This can happen when the client is configured to transmit its identity, there...

3.7CVSS0.00694EPSS
Exploits0References3
OSV
OSV
added 2025/03/17 8:15 p.m.4 views

CVE-2024-54559

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00165EPSS
Exploits0References1
HackRead
HackRead
added 2025/03/15 3:4 p.m.16 views

Cybersecurity in Crypto: Best Practices to Prevent Theft and Fraud

Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets…...

7.3AI score
Exploits0
CVE
CVE
added 2025/03/12 9:42 a.m.105 views

CVE-2025-21850

Public details about CVE-2025-21850 are limited in the provided documents. No explicit affected product versions, exploitation, or fixes are disclosed here; monitor for updates.

5.5CVSS6.3AI score0.00169EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/03/12 9:42 a.m.151 views

CVE-2025-21844

CVE-2025-21844 affects the Linux kernel SMB client path. The vulnerability could allow a NULL pointer dereference in the receive_encrypted_standard() path due to missing checks, which could crash the kernel. The fix adds checks for the next_buffer in receive_encrypted_standard() and validates the...

5.5CVSS6.6AI score0.0021EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2025/03/06 5:15 p.m.8 views

AZL-59423 CVE-2024-58083 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

7.8CVSS6.7AI score0.00211EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/03/01 2:54 a.m.3 views

SUSE CVE-2025-0914

An improper access control issue in the VQL shell feature in Velociraptor Versions 0.73.4 allowed authenticated users to execute the execve plugin in deployments where this was explicitly forbidden by configuring the preventexecve flag in the configuration file. This setting is not usually...

3.8CVSS7AI score0.00215EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/27 8:1 p.m.19 views

CVE-2025-21812 ax25: rcu protect dev->ax25_ptr

In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev-ax25ptr syzbot found a lockdep issue 1. We should remove ax25 RTNL dependency in ax25setsockopt This should also fix a variety of possible UAF in ax25. 1 WARNING: possible circular locking dependency detecte...

0.00211EPSS
Exploits0References5
NVD
NVD
added 2025/02/27 2:15 a.m.11 views

CVE-2025-21725

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORKINTERFACEINFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below from happening: Oops...

5.5CVSS0.00171EPSS
Exploits0References6
CVE
CVE
added 2025/02/27 2:7 a.m.46 views

CVE-2024-58000

CVE-2024-58000 affects the Linux kernel Io_uring reg-wait path. The root cause is speculative execution on a kernel array indexed by user input when using ENTER_EXT_ARG_REG, which could interpret an offset into a pre-mapped memory region as an argument. The documented fix is to prevent speculativ...

5.5CVSS6.4AI score0.00177EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.8 views

PT-2025-8961 · Unknown · Velociraptor

Name of the Vulnerable Software and Affected Versions: Velociraptor versions prior to 0.73.4 Description: The issue is related to improper access control in the VQL shell feature, allowing authenticated users to execute the execve plugin even when it is explicitly forbidden by the prevent execve...

3.8CVSS7.2AI score0.00215EPSS
Exploits0References6
OSV
OSV
added 2025/02/26 7:1 a.m.13 views

UBUNTU-CVE-2022-49539

In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER system error recover L2 reset process and ieee80211restarthw which is called by L2 reset process eventuall...

5.5CVSS6AI score0.00209EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/02/26 2:13 a.m.7 views

CVE-2022-49496

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko If the driver support subdev mode, the parameter "dev-pm.dev" will be NULL in mtkvcodecdecremove. Kernel will crash when try to rmmod mtk-vcodec-dec.ko...

5.5CVSS5.4AI score0.0016EPSS
Exploits0
OSV
OSV
added 2025/02/26 1:56 a.m.10 views

CVE-2022-49280 NFSD: prevent underflow in nfssvc_decode_writeargs()

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvcdecodewriteargs Smatch complains: fs/nfsd/nfsxdr.c:341 nfssvcdecodewriteargs warn: no lower bound on 'args-len' Change the type to unsigned to prevent this issue...

5.5CVSS5.3AI score0.00252EPSS
Exploits0References7
Rows per page
Query Builder