Lucene search
+L

1824 matches found

Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.6 views

CVE-2026-32396 WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through = 5.0.13...

5.8AI score0.00199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.7 views

PT-2026-25216

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...

5.8AI score0.00381EPSS
Exploits0References3
Fedora
Fedora
added 2026/03/06 1:28 a.m.12 views

[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42

OpenSIPS or Open SIP Server is a very fast and flexible SIP RFC3261 proxy server. Written entirely in C, opensips can handle thousands calls per second even on low-budget hardware. A C Shell like scripting language provides full control over the server's behaviour. It's modular architecture allow...

8.3CVSS5.9AI score0.00318EPSS
Exploits0
NVD
NVD
added 2026/03/05 6:16 a.m.9 views

CVE-2026-27382

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RadiusTheme Metro metro allows DOM-Based XSS.This issue affects Metro: from n/a through = 2.13...

7.1CVSS0.00191EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:53 a.m.3 views

CVE-2026-27383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...

5.9AI score0.00512EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:53 a.m.4 views

CVE-2026-23546

Insertion of Sensitive Information Into Sent Data vulnerability in RadiusTheme Classified Listing classified-listing allows Retrieve Embedded Sensitive Data.This issue affects Classified Listing: from n/a through = 5.3.4...

5.9AI score0.00355EPSS
Exploits0References2
OSV
OSV
added 2026/02/28 12:44 p.m.10 views

OESA-2026-1439 wpa_supplicant security update

wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...

3.7CVSS5.9AI score0.00716EPSS
Exploits0References2
OSV
OSV
added 2026/02/28 12:44 p.m.10 views

OESA-2026-1438 wpa_supplicant security update

wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...

3.7CVSS5.9AI score0.00716EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/01/26 9:30 p.m.7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +155 more potentially affected by CVE-2026-1190 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.2)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.2.0, =1.3.0 and more Source cves: CVE-2026-1190 Source advisory: OSV:GHSA-63V5-26VQ-M4VMhttps://vulners.com/osv/OSV:GHSA-63V5-26VQ-M4...

3.1CVSS5.4AI score0.00369EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: ppp (CVE-2015-3310)

The version of ppp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-3310 advisory. - Buffer overflow in the rcmksid function in plugins/radius/util.c in Paul's PPP Package ppp 2.4.6 and earlier, wh...

4.3CVSS5.7AI score0.05444EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : freeradius-2.2.6-4.AXS4 (AXSA:2015-304:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-304:01 advisory. The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2...

7.5CVSS8.5AI score0.03912EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : krb5-1.13.2-10.el7 (AXSA:2015-622:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-622:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

5.8CVSS7.4AI score0.04587EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.6 views

MiracleLinux 3 : freeradius-1.1.3-1.5AXS3 (AXSA:2009-401:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-401:02 advisory. The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2...

5CVSS5.5AI score0.11176EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.6 views

CVE-2025-13854

The Curved Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'radius' parameter of the arctext shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.1AI score0.00232EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : krb5-1.15.1-55.0.2.el7.AXS7 (AXSA:2025-9717:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9717:01 advisory. improve your network's security by eliminating the insecure practice of cleartext passwords. Security fixes: - CVE-2024-3596: implement support for...

9CVSS8AI score0.14859EPSS
Exploits2References2
NVD
NVD
added 2026/01/09 12:15 p.m.6 views

CVE-2025-13854

The Curved Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'radius' parameter of the arctext shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00232EPSS
Exploits0References3
CVE
CVE
added 2026/01/09 11:15 a.m.20 views

CVE-2025-13854

CVE-2025-13854 — The Curved Text WordPress plugin is vulnerable to a stored XSS via the radius parameter of the arctext shortcode in versions up to 0.1. The Wordfence note confirms the issue arises from insufficient input sanitization/output escaping, enabling authenticated attackers with Contrib...

6.4CVSS4.8AI score0.00232EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38767

An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure...

7.5CVSS7.5AI score0.01028EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.5 views

PT-2026-1718

Name of the Vulnerable Software and Affected Versions Curved Text versions prior to 0.1 Description The Curved Text plugin for WordPress is susceptible to Stored Cross-Site Scripting through the radius parameter of the arctext shortcode. Insufficient input sanitization and output escaping allow...

6.4CVSS5.3AI score0.00232EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

WordPress plugin Curved Text 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. Cross-site scripting...

6.4CVSS5.8AI score0.00232EPSS
Exploits0References3
Rows per page
Query Builder