Lucene search
K

486 matches found

ICS
ICS
added 2026/01/28 12:0 a.m.9 views

Siemens SINEC OS

SUMMARY SINEC OS before V3.3 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to...

9.8CVSS8.2AI score0.01522EPSS
Exploits0References10
EUVD
EUVD
added 2026/01/24 7:26 a.m.7 views

EUVD-2026-4556

The Set Bulk Post Categories plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing nonce validation on the bulk category update functionality. This makes it possible for unauthenticated attackers to modify post categorie...

4.3CVSS5.4AI score0.00155EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/23 3:27 a.m.8 views

EUVD-2026-4468

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the targe...

8.8CVSS6AI score0.01253EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/22 4:52 p.m.5 views

EUVD-2026-3811

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through 3.1...

5.5AI score0.00306EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:52 p.m.6 views

EUVD-2026-3829

Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Recipe Maker: from n/a through = 10.2.4...

5.4AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:52 p.m.5 views

EUVD-2026-3959

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Lindo lindo allows PHP Local File Inclusion.This issue affects Lindo: from n/a through = 1.2.5...

5.5AI score0.00403EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:52 p.m.4 views

EUVD-2026-3970

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

5.4AI score0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:52 p.m.7 views

EUVD-2026-4004

Missing Authorization vulnerability in cleverplugins SEO Booster seo-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEO Booster: from n/a through = 6.1.8...

5.4AI score0.00354EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 2:2 p.m.5 views

EUVD-2026-4146

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...

6.5CVSS5.4AI score0.02646EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/20 11:53 a.m.5 views

EUVD-2026-3457

HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...

5.1CVSS5.5AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/18 2:2 p.m.6 views

EUVD-2026-3176

A vulnerability was determined in Yonyou KSOA 9.0. This impacts an unknown function of the file /worksheet/workinfo.jsp of the component HTTP GET Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly...

7.5CVSS6.3AI score0.00414EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/16 6:30 a.m.2 views

EUVD-2026-2967

Not used...

6.4AI score
Exploits0References1
EUVD
EUVD
added 2026/01/16 12:30 a.m.5 views

EUVD-2026-3031

EUVD-2026-3031...

9.8CVSS6.4AI score0.00391EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/14 3:7 p.m.4 views

EUVD-2026-2465

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 "The Address 1 field of the Beacon .. frame shall be set to the...

6AI score0.0013EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/14 1:28 p.m.5 views

EUVD-2026-2510

In Crazy Bubble Tea mobile application authenticated attacker can obtain personal information about other users by enumerating a loyaltyGuestId parameter. Server does not verify the permissions required to obtain the data. This issue was fixed in version 915 Android and 7.4.1 iOS...

7.1CVSS5.9AI score0.00249EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/14 10:9 a.m.6 views

EUVD-2026-2519

Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...

6.5CVSS6.4AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/14 12:31 a.m.4 views

EUVD-2026-2624

EUVD-2026-2624...

8.5CVSS6.4AI score0.00172EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/14 12:31 a.m.4 views

EUVD-2026-2611

EUVD-2026-2611...

6.4CVSS6.4AI score0.00353EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/14 12:31 a.m.4 views

EUVD-2026-2644

EUVD-2026-2644...

8.8CVSS6.4AI score0.00554EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/14 12:31 a.m.6 views

EUVD-2026-2655

EUVD-2026-2655...

6.1CVSS6.4AI score0.00307EPSS
Exploits1References4
Rows per page
Query Builder