Lucene search
K

3115 matches found

Nuclei
Nuclei
added yesterday27 views

Prime Mover < 1.9.3 - Sensitive Data Exposure

Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and...

7.5CVSS6.9AI score0.39867EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-52966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm: Replace old pointer to new idr Commit 5e28b7b94408 introduced a logical error by failin...

5.9AI score0.00186EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52966

In the Linux kernel, the following vulnerability has been resolved: drm: Replace old pointer to new idr Commit 5e28b7b94408 introduced a logical error by failing to replace the newly generated IDR pointer to old id's pointer at the correct location within the "change handle" logic; this resulted ...

0.00186EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 6:18 p.m.9 views

CVE-2026-49440

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied ...

7.4CVSS0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 5:13 p.m.39 views

CVE-2026-49440 Deno: Miller-Rabin Primality Test Allows Zero Rounds

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, node:crypto.checkPrimecandidate, options, callback and crypto.checkPrimeSynccandidate, options ran no Miller-Rabin rounds at all when the caller left options.checks at its default of 0. In that mode, the only test applied ...

7.4CVSS0.00149EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 5:13 p.m.11 views

CVE-2026-49440

Summary: CVE-2026-49440 affects Deno’s crypto.primality tests when using default options (checks=0) for checkPrime/checkPrimeSync, causing some composites to be reported as prime due to zero Miller-Rabin rounds. This occurs in the node:crypto path and related op_node_check_prime implementations; ...

7.4CVSS5.8AI score0.00149EPSS
Exploits0References2Affected Software1
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.117 views

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An...

10CVSS8.5AI score0.98092EPSS
Exploits12References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-50149

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.1 Description The node:crypto.checkPrime and crypto.checkPrimeSync functions failed to perform Miller-Rabin rounds when the options.checks variable was left at its default value of 0. In this state, the software only...

7.4CVSS5.8AI score0.00149EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/15 8:18 p.m.8 views

EUVD-2026-36835

Unauthenticated PHP Object Injection in EventPrime = 4.3.2.1 versions...

8.1CVSS5.3AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.17 views

CVE-2026-8677

The Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Widget HTML Tag Settings in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.6AI score0.00243EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 9:16 a.m.16 views

CVE-2026-8677

The Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Widget HTML Tag Settings in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS0.00243EPSS
Exploits0References16
CVE
CVE
added 2026/06/09 8:29 a.m.33 views

CVE-2026-8677

CVE-2026-8677 affects the Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress. All versions up to 1.3.3 are susceptible to Stored Cross-Site Scripting via Widget HTML Tag Settings due to insufficient input sanitization and output escaping. Exploitation req...

6.4CVSS5.6AI score0.00243EPSS
Exploits0References16
EUVD
EUVD
added 2026/06/09 8:29 a.m.12 views

EUVD-2026-35378

The Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Widget HTML Tag Settings in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.7AI score0.00243EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/06/09 8:29 a.m.40 views

CVE-2026-8677 Prime Elementor Addons <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget HTML Tag Settings

The Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Widget HTML Tag Settings in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS0.00243EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2026/06/09 8:29 a.m.10 views

CVE-2026-8677 Prime Elementor Addons <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget HTML Tag Settings

The Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Widget HTML Tag Settings in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS5.7AI score0.00243EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

WordPress plugin Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.4CVSS5.4AI score0.00243EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47725

Name of the Vulnerable Software and Affected Versions Prime Elementor Addons versions prior to 1.3.4 Description Insufficient input sanitization and output escaping in the Widget HTML Tag Settings allow authenticated attackers with contributor-level access or higher to perform Stored Cross-Site...

6.4CVSS5.7AI score0.00243EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-41144

F´ F Prime is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket with...

9.8CVSS6.6AI score0.00428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.10 views

CVE-2026-20189

A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit...

4.3CVSS5.7AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.11 views

CVE-2026-4341

The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'followustext' setting of the Mount widget in all versions up to, and including, 4.1.10. This is due to insufficient input sanitization and output escaping. Specifically, the...

6.4CVSS5.7AI score0.00362EPSS
Exploits0References1
Rows per page
Query Builder