Lucene search
K

163 matches found

CVE
CVE
added 2023/05/29 10:31 p.m.48 views

CVE-2014-125102

CVE-2014-125102 affects the Bestwebsoft Relevant Plugin for WordPress up to version 1.0.7, specifically the Thumbnail Handler component. The vulnerability allows information disclosure and can be exploited remotely. A fix is provided in version 1.0.8, with patch identifier 860d1891025548cf0f5f973...

7.5CVSS5.7AI score0.00616EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/29 10:31 p.m.23 views

CVE-2014-125102 Bestwebsoft Relevant Plugin Thumbnail information disclosure

A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handler. The manipulation leads to information disclosure. The attack can be launched remotely...

4.3CVSS7.4AI score0.00616EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/29 12:0 a.m.4 views

WordPress Plugin Bestwebsoft Relevant 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...

7.5CVSS5.5AI score0.00616EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/29 12:0 a.m.5 views

PT-2023-10170 · Bestwebsoft · Bestwebsoft Relevant Plugin

Name of the Vulnerable Software and Affected Versions: Bestwebsoft Relevant Plugin versions up to 1.0.7 Description: A vulnerability was found in the Thumbnail Handler component of the Bestwebsoft Relevant Plugin, leading to information disclosure. The attack can be launched remotely...

7.5CVSS6.8AI score0.00616EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/05/24 12:0 a.m.31 views

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

7.8AI score0.00668EPSS
Exploits1References6
Code423n4
Code423n4
added 2023/05/23 12:0 a.m.12 views

Upgraded Q -> 2 from #964 [1684819958119]

Judge has assessed an item in Issue 964 as 2 risk. The relevant finding follows: L1 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/20 12:0 a.m.12 views

Upgraded Q -> 2 from #597 [1684599598059]

Judge has assessed an item in Issue 597 as 2 risk. The relevant finding follows: L4 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
NVD
NVD
added 2023/04/14 1:15 a.m.26 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.8AI score0.00923EPSS
Exploits1References12
OSV
OSV
added 2023/04/14 12:0 a.m.35 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.8AI score0.00923EPSS
Exploits1References14
Veracode
Veracode
added 2023/04/06 2:51 p.m.18 views

Authentication Bypass

farmhaystack is vulnerable to Authentication Bypass. The vulnerability exists in docker-compose.yml due to the use of hard-coded, security-relevant constants which allows an attacker to make changes in the annotation process...

9.8CVSS8.9AI score0.00843EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/03/30 12:30 p.m.35 views

Use of hard-coded, security-relevant constants in deepset-ai/haystack

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack in version 1.15.0 and prior. A patch is available at commit 5fc84904f198de661d5b933fde756aa922bf09f1...

9.8CVSS9.1AI score0.00843EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2023/03/30 10:15 a.m.19 views

Hardcoded credentials

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...

6.4CVSS9.6AI score0.00843EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/03/30 12:0 a.m.35 views

CVE-2023-1712 Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...

9.1CVSS9.2AI score0.00843EPSS
Exploits1References4
Code423n4
Code423n4
added 2023/03/26 12:0 a.m.8 views

Upgraded Q -> 2 from #215 [1679863647530]

Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: NC1 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/26 12:0 a.m.8 views

Upgraded Q -> 2 from #83 [1679850055838]

Judge has assessed an item in Issue 83 as 2 risk. The relevant finding follows: L-05 PauseModifier is not used in KangarooVault --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/26 12:0 a.m.11 views

Upgraded Q -> 2 from #215 [1679863603573]

Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: L1 + L2 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/01/31 5:5 p.m.16 views

Year in Review: Rapid7 Threat Intelligence

In an evolving threat landscape, non-stop alerts and more IOC feeds don’t guarantee better protection. Security teams are overwhelmed and struggle to identify relevant threat information. Thankfully, Threat Command delivers highly contextual alerts and integration across your environment to help...

0.2AI score
Exploits0
Code423n4
Code423n4
added 2023/01/14 12:0 a.m.8 views

Upgraded G -> 3 from #31 [1673740145531]

Judge has assessed an item in Issue 31 as 3 risk. The relevant finding follows: tetaegerageage --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/20 12:0 a.m.13 views

Upgraded Q -> M from #22 [1671528533640]

Judge has assessed an item in Issue 22 as M risk. The relevant finding follows: NC-2 Return values of approve not checked --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/07 12:0 a.m.7 views

Upgraded Q -> M from #508 [1670444214372]

Judge has assessed an item in Issue 508 as M risk. The relevant finding follows: 508 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Rows per page
Query Builder