Lucene search
K

115 matches found

CVE
CVE
added 2025/10/30 9:55 p.m.12 views

CVE-2011-10038

Nagios XI (

5.4CVSS5.8AI score0.0043EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/10/25 6:15 a.m.3 views

CVE-2025-11564

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it...

5.3CVSS5.8AI score0.00266EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/25 5:31 a.m.13 views

CVE-2025-11564 Tutor LMS – eLearning and online course solution <= 3.8.3 - Missing Authorization to Unauthenticated Payment Status Update

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it...

5.3CVSS0.00266EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/25 5:31 a.m.5 views

EUVD-2025-35913

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check while verifying webhook signatures on the "verifyAndCreateOrderData" function in all versions up to, and including, 3.8.3. This makes it...

5.3CVSS5AI score0.00266EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/10 12:0 a.m.8 views

EUVD-2025-33722

Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business emai...

8.1CVSS6.7AI score0.01007EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/10 12:0 a.m.12 views

CVE-2025-60378

Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content renders in emails, PDFs, and messaging/chat modules sent to clients or team members, enabling phishing, credential theft, and business emai...

0.01007EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-9365

Malware in sbrugna...

6.1CVSS6.3AI score0.00923EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.23 views

EUVD-2025-27571

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00319EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-28650

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.0017EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35435

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33337

Malicious code in bioql PyPI...

6.1CVSS8.6AI score0.0036EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-32050

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.0015EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.23 views

EUVD-2025-25248

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00264EPSS
Exploits1References5
Malwarebytes
Malwarebytes
added 2025/10/02 8:50 a.m.6 views

Sendit tricked kids, harvested their data, and faked messages, FTC claims

The Federal Trade Commission FTC has sued Sendit’s parent company, saying it signed up children under 13, collected their personal data, and misled them with fake messages and recurring bills. The lawsuit, filed against the app's owner Iconic Hearts Holdings Inc and CEO Hunter Rice, alleges the...

6.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/12 4:32 p.m.12 views

CVE-2025-59045

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS6.6AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2025/09/10 4:15 p.m.42 views

CVE-2025-59045

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS0.00319EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/10 4:9 p.m.5 views

CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS6.2AI score0.00319EPSS
Exploits0References5
CVE
CVE
added 2025/09/10 4:9 p.m.21 views

CVE-2025-59045

CVE-2025-59045 affects Stalwart mail/collaboration server in its CalDAV implementation. Vulnerable in versions 0.12.0 through 0.13.2 due to a memory exhaustion flaw in ArchivedCalendarEventData.expand when processing CalDAV REPORT requests with event expansion (e.g., expanded recurring events). A...

7.1CVSS6AI score0.00319EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/10 4:9 p.m.43 views

CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS0.00319EPSS
Exploits0References5
OSV
OSV
added 2025/09/10 4:9 p.m.13 views

CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS6.6AI score0.00319EPSS
Exploits0References7
Rows per page
Query Builder