Lucene search
K

53725 matches found

OSV
OSV
added 11 hours ago6 views

ROOT-OS-UBUNTU-2204-CVE-2025-38345 CVE-2025-38345 in rootio-linux - Patched by Root

Root has patched CVE-2025-38345 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS7.2AI score0.00163EPSS
Exploits0
OSV
OSV
added 13 hours ago12 views

ROOT-OS-DEBIAN-13-CVE-2026-31516 CVE-2026-31516 in rootio-linux - Patched by Root

Root has patched CVE-2026-31516 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

7CVSS5.2AI score0.00099EPSS
Exploits0
OSV
OSV
added 13 hours ago11 views

ROOT-OS-DEBIAN-11-CVE-2022-49167 CVE-2022-49167 in rootio-linux - Patched by Root

Root has patched CVE-2022-49167 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS5.4AI score0.00243EPSS
Exploits0
OSV
OSV
added 13 hours ago4 views

ROOT-OS-DEBIAN-11-CVE-2026-53108 CVE-2026-53108 in rootio-linux - Patched by Root

Root has patched CVE-2026-53108 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.8AI score0.00151EPSS
Exploits0
OSV
OSV
added 13 hours ago8 views

ROOT-OS-DEBIAN-12-CVE-2026-23038 CVE-2026-23038 in rootio-linux - Patched by Root

Root has patched CVE-2026-23038 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS5.4AI score0.00222EPSS
Exploits0
OSV
OSV
added 13 hours ago3 views

ROOT-OS-DEBIAN-12-CVE-2026-52913 CVE-2026-52913 in rootio-linux - Patched by Root

Root has patched CVE-2026-52913 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
Nuclei
Nuclei
added 15 hours ago70 views

eyoucms v.1.6.5 - Cross-Site Scripting

Cross Site Scripting XSS vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. id: CVE-2024-22927 info: name: eyoucms v.1.6.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross Site Scripting XSS...

6.1CVSS6.6AI score0.01028EPSS
Exploits1References2
Nuclei
Nuclei
added 15 hours ago25 views

Mage AI - Insecure Default Authentication Setup

A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...

6.3CVSS5.3AI score0.01045EPSS
Exploits1References5
Nuclei
Nuclei
added 15 hours ago62 views

Relevanssi <= 4.24.4 (Free) - Unauthenticated SQL Injection

The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 Free and = 2.27.4 Premium due to insufficient escaping on the user supplied parameter and lack of sufficient...

7.5CVSS7AI score0.02626EPSS
Exploits2References5
Nuclei
Nuclei
added 15 hours ago92 views

Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

9.8CVSS7.2AI score0.18241EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday1487 views

Roundcube Webmail - Remote Code Execution

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. id: CVE-2025-49113 info: name: Roundcube Webmail - Remote...

9.9CVSS7.5AI score0.94741EPSS
Exploits29References8
Nuclei
Nuclei
added yesterday153 views

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

10CVSS7.1AI score0.74283EPSS
Exploits11References7
Nuclei
Nuclei
added yesterday247 views

Wordpress Email Subscribers by Icegram Express - SQL Injection

The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

9.8CVSS7.1AI score0.80596EPSS
Exploits4References2
Nuclei
Nuclei
added 3 days ago45 views

Apache Solr - Authentication Bypass

Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass.A fake ending at the end of any Solr API URL path, will allow requests to skip Authentication while maintaining the API contract with the origina...

9.8CVSS7.1AI score0.90709EPSS
Exploits1References3
Circl
Circl
added 4 days ago8 views

CVE-2026-55516

creationtimestamp| type| source ---|---|--- 2026-07-10 20:56:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqczwdg25w26 2026-07-11 01:07:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdhxyfvrz2y 2026-07-11 17:00:47+00:00| seen|...

7.7CVSS6.1AI score0.00218EPSS
Exploits0References4
Chainguard
Chainguard
added 4 days ago7 views

GHSA-V853-W46P-FV2H vulnerabilities

Vulnerabilities for packages: apache-tomee, geoserver...

6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 4 days ago12 views

PT-2026-57282

Name of the Vulnerable Software and Affected Versions Logto versions prior to 1.41.0 Description The Account Center step-up check accepts any active verification record belonging to the current user where isVerified is set to true. An attacker with an existing Account API bearer token can create...

8.1CVSS6.1AI score0.00259EPSS
Exploits0References8
Chainguard
Chainguard
added 5 days ago5 views

GHSA-G33C-4GX6-V8XR vulnerabilities

Vulnerabilities for packages: chromium...

5.9AI score
Exploits0
Chainguard
Chainguard
added 5 days ago4 views

CVE-2026-13846 vulnerabilities

Vulnerabilities for packages: chromium...

9.6CVSS5.9AI score0.00316EPSS
Exploits0
Chainguard
Chainguard
added 5 days ago5 views

CVE-2026-13803 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS5.9AI score0.00303EPSS
Exploits0
Rows per page
Query Builder