Lucene search
K

35 matches found

MariaDBUnix
MariaDBUnix
added 2026/05/30 1:59 a.m.10 views

CVE-2026-48165

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00967EPSS
Exploits0
MariaDBUnix
MariaDBUnix
added 2026/05/18 12:0 a.m.12 views

CVE-2026-44169

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00161EPSS
Exploits0
MariaDBUnix
MariaDBUnix
added 2026/05/18 12:0 a.m.10 views

CVE-2026-44168

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00567EPSS
Exploits0
CVE
CVE
added 2025/03/24 3:39 p.m.8924 views

CVE-2023-25610

Fortinet CVE-2023-25610 is a buffer underwrite in the FortiOS/FortiProxy administrative interface that allows remote, unauthenticated execution of code via crafted requests. Affected firmware ranges include FortiOS 7.2.0–7.2.3, 7.0.0–7.0.6, 6.4.0–6.4.11, 6.2.12 and below, FortiProxy 7.2.0–7.2.2, ...

9.8CVSS9.9AI score0.17797EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/01/27 4:27 p.m.87 views

CVE-2024-27256

CVE-2024-27256 affects IBM MQ Container images: CD v3.0.0, v3.0.1, v3.1.0–3.1.3; LTS v2.0.0–2.0.22; and 2.4.0–2.4.8, 2.3.0–2.3.3, 2.2.0–2.2.2. Description: use of weaker than expected cryptographic algorithms could allow an attacker to decrypt highly sensitive information. Connected sources corro...

7.5CVSS6.6AI score0.00205EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2024/12/09 11:30 a.m.69 views

CVE-2023-47869

The CVE-2023-47869 issue concerns the WordPress plugin wpForo Forum, affected up to version 2.2.5. Connected data indicates a Content Injection/Broken Access Control vulnerability arising from improper handling of script-related HTML in web pages, enabling code injection. Patchstack specifies tha...

5.4CVSS8.6AI score0.00296EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/12/09 11:30 a.m.57 views

CVE-2023-49755

CVE-2023-49755 affects WordPress plugin Elementor Timeline Widget (

5.4CVSS8.5AI score0.00457EPSS
Exploits0References1
CVE
CVE
added 2024/11/15 9:54 p.m.66 views

CVE-2017-13312

CVE-2017-13312 affects Android’s Media framework (MediaCas.java) where a parcel read/write mismatch in createFromParcel, due to improper input validation, can enable local elevation of privilege on Android 8.0 (Oreo). An app could start an activity with system privileges without extra execution p...

7.8CVSS6.9AI score0.00073EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/11/15 3:58 p.m.7955 views

CVE-2022-20652

Cisco Tetration contains a command-injection vulnerability in the web-based management interface and API subsystem. An authenticated remote attacker with administrator credentials can submit crafted HTTP messages to execute commands with root privileges due to insufficient input validation. Impac...

6.5CVSS6.7AI score0.01315EPSS
Exploits0References2
CVE
CVE
added 2024/07/03 12:0 a.m.301 views

CVE-2024-33870

CVE-2024-33870 affects Artifex Ghostscript up to version 10.03.1. The issue is a path traversal vulnerability in PostScript handling that can reach arbitrary files when the current directory is within permitted paths, e.g., transforming ../../foo to ./../../foo and gaining access if ./ is allowed...

6.3CVSS6.7AI score0.00515EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/17 8:36 a.m.108 views

CVE-2023-47683

The CVE-2023-47683 entry concerns the miniOrange WordPress Social Login and Register plugin (Discord, Google, Twitter, LinkedIn). The root cause is improper privilege management that allows authenticated users with Subscriber access to escalate to Administrator. Affected versions are up to 7.6.6;...

8CVSS6.8AI score0.00479EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 5:0 a.m.55 views

CVE-2023-7201

CVE-2023-7201 affects the Everest Backup WordPress plugin (versions prior to 2.2.5). The flaw allows high-privilege users (e.g., admin) to upload arbitrary files due to improper validation, including in multisite setups. Red Hat and CVE sources corroborate the same description. Remediation: upgra...

6.5CVSS9.2AI score0.00649EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2024/04/09 6:59 p.m.59 views

CVE-2024-2341

CVE-2024-2341 refers to the WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments (plugin) with SQL Injection via the keys parameter in all versions up to 1.6.7.7, allowing authenticated subscribers to append queries and potentially exfiltrate data. Red Hat and NVD entries ...

8.8CVSS9.3AI score0.00598EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/02/23 7:19 p.m.18 views

CAN-2004-0110

CVE-2004-0110 relates to libxml and libxml2 buffer overflow bugs in URL parsing and DNS handling, allowing remote arbitrary code execution. Connected advisories (SUSE, Fedora, CentOS, RHEL) confirm exploitation via long URLs or DNS responses and describe patches to libxml/libxml2. Remediation is ...

7.5AI score0.24232EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:53 p.m.24 views

CAN-2004-0802

Multiple connected entries reference CVE-2004-0802 in imlib2 (notably Debian DSA-552-1 and FreeBSD/OpenVAS entries). The Debian advisory lists CVSS base 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P). Descriptions indicate that a missing update is the issue, but no concrete root-cause, vulnerable versions, or ...

7.5AI score0.0343EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:53 p.m.14 views

CAN-2004-0837

MODE C The CVE CAN-2004-0837 (CVE-2004-0837) has concrete OpenVAS/related advisories tying it to MySQL in multiple decks. Affected entries/drivers include: SUSE/SLES9 (Security update for MySQL; CVSS 10.0; patches 120293-02, 120292-02), Gentoo GLSA 200410-22 (MySQL), Gentoo/OpenVAS entries refere...

7.5AI score0.04901EPSS
Exploits1
CVE
CVE
added 2024/02/23 6:20 p.m.12 views

CAN-2004-0888

CVE-2004-0888 concerns an integer overflow in the CUPS pdftops filter. The issue can allow remote code execution on 64-bit platforms when a crafted PDF is printed via the lp user. Several advisories (RHSA-2008-0206, CESA-2008:0206, MDKSA/MCU references) indicate that patches backported to Red Hat...

7.5AI score0.09334EPSS
Exploits0
CVE
CVE
added 2024/02/23 6:14 p.m.15 views

CAN-2004-1282

LinPopUp (Linpopup) is affected by CVE-2004-1282. The vulnerability resides in the buffer handling for the strexpand function in string.c of LinPopUp 1.2.0, which allows a remote attacker to execute arbitrary code by sending a crafted message during a Reply operation. Public advisories (Debian DS...

7.5AI score0.09107EPSS
Exploits1
CVE
CVE
added 2024/02/23 6:9 p.m.18 views

CAN-2005-0072

CVE-2005-0072 affects zhcon (zhcon before 0.2) where the program does not drop privileges before reading a user configuration file, allowing local users to read arbitrary files. The issue is fixed in Debian with DSA-655-1 (zhcon 0.2-4woody3) and arises from reading privileged files while running ...

7.5AI score0.00477EPSS
Exploits1
CVE
CVE
added 2024/02/23 6:4 p.m.13 views

CAN-2005-0158

CVE-2005-0158 applies to BidWatcher, a tool for bidding on eBay auctions. The vulnerability is a format-string flaw in netstuff.cpp that can be triggered by remote inputs via an eBay HTTP server (or a spoofed server/ MITM), potentially allowing denial of service and arbitrary code execution. Publ...

7.5AI score0.01907EPSS
Exploits0
Rows per page
Query Builder