Lucene search
+L

207 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-40011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be...

3.7CVSS6.1AI score0.00158EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 1:16 p.m.16 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS0.00158EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 12:22 p.m.8 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 12:22 p.m.6 views

EUVD-2026-39346

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 12:22 p.m.34 views

CVE-2026-40011 Prometheus denial of service via crafted DNS queries

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 12:22 p.m.30 views

CVE-2026-40011

CVE-2026-40011 describes a denial-of-service condition where sending a large number of crafted DNS queries can cause a dynamic block to be inserted with a value that yields invalid output on the Prometheus endpoint. The Prometheus data may then be rejected by the scraper until the dynamic block e...

3.7CVSS5.8AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 12:22 p.m.3 views

CVE-2026-40011 Prometheus denial of service via crafted DNS queries

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS6AI score0.00158EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/25 12:22 p.m.6 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 10:23 p.m.10 views

Malicious code in uol-simple-api-futebol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 962c38ed6ec061ce6a530aeea5a960dfc2b75caec56f7a1bc648f6b6cb655271 The package's only documented function, getJogos default export, unconditionally invokes an internal helper named prepareCacheMatchs which POSTs the...

5.8AI score
Exploits0References5
EUVD
EUVD
added 2026/06/17 6:35 p.m.11 views

EUVD-2025-210228

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

10CVSS5.2AI score0.00432EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:19 p.m.11 views

CVE-2025-69131

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

7.5CVSS0.00467EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.13 views

CVE-2025-69129

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

10CVSS0.00432EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.43 views

CVE-2025-69129 WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

10CVSS0.00432EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.21 views

CVE-2025-69129

CVE-2025-69129 concerns the WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site (versions

10CVSS5.2AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:57 p.m.14 views

CVE-2025-69131

Affected software: WordPress & WooCommerce Scraper Plugin, Import Data from Any Site (WordPress). Vulnerability: Unauthenticated Arbitrary File Download in versions

7.5CVSS5.2AI score0.00467EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2025-69131 WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

7.5CVSS0.00467EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.30 views

PT-2026-50082

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

7.5CVSS5.2AI score0.00467EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36786

An authenticated Server-Side Request Forgery SSRF in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...

5.2AI score0.00248EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/15 8:19 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the scraper process. An attacker can access internal network resources by supplying a crafted URL after authenticating. Remediation There is no fixed version for koillection/koillection. References -...

8.8CVSS5.8AI score0.00248EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.10 views

CVE-2026-50888

An authenticated Server-Side Request Forgery SSRF in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...

8.1CVSS0.00248EPSS
Exploits0References1
Rows per page
Query Builder