Lucene search
K

780 matches found

Vulnrichment
Vulnrichment
added 2025/06/30 10:37 a.m.9 views

CVE-2025-40710 Host Header Injection (HHI) in the Hotspot Shield VPN client

Host Header Injection HHI vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such applications do not present this vulnerability per se, the use of the tunnel, together with a forged Ho...

2.3CVSS7.3AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/30 12:0 a.m.8 views

Intersections Hotspot Shield VPN 注入漏洞

Intersections Hotspot Shield VPN is a virtual private network VPN service product from Intersections, Inc. Intersections Hotspot Shield VPN suffers from an injection vulnerability that stems from an injection issue in the processing of the Host header, which could result in request redirection or...

2.3CVSS7.2AI score0.00269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.6 views

PT-2025-27434 · Unknown · Hotspot Shield Vpn

Name of the Vulnerable Software and Affected Versions: Hotspot Shield VPN client affected versions not specified Description: The issue concerns a Host Header Injection HHI vulnerability, which can cause unexpected behavior when accessing third-party web applications through the VPN tunnel. This...

2.3CVSS7.1AI score0.00269EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/06/13 1:47 a.m.11 views

CVE-2025-5926 Link Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Link Shield plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.4. This is due to missing or incorrect nonce validation on the linkshieldmenuoptions function. This makes it possible for unauthenticated attackers to update settings and...

6.1CVSS0.00117EPSS
Exploits0References2
CVE
CVE
added 2025/06/13 1:47 a.m.45 views

CVE-2025-5926

The CVE-2025-5926 entry concerns the Link Shield WordPress plugin. Connected sources confirm a Cross-Site Request Forgery weakness due to missing nonce validation in link_shield_menu_options(), enabling unauthenticated requests to update settings and inject stored scripts. Affected versions are u...

6.1CVSS5.9AI score0.00117EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/13 1:47 a.m.2 views

CVE-2025-5926 Link Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Link Shield plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.4. This is due to missing or incorrect nonce validation on the linkshieldmenuoptions function. This makes it possible for unauthenticated attackers to update settings and...

6.1CVSS6.7AI score0.00117EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/13 12:0 a.m.4 views

PT-2025-25376 · WordPress · Link Shield

Name of the Vulnerable Software and Affected Versions: The Link Shield plugin for WordPress versions up to, and including, 0.5.4 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the link shield menu options function. This allows...

6.1CVSS6.3AI score0.00117EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/06/13 12:0 a.m.3 views

WordPress plugin Link Shield 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

6.1CVSS6.4AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:39 a.m.7 views

CVE-2024-7825

Access of Resource Using Incompatible Type 'Type Confusion' vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit wrUrl.Dll modules allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3...

9.8CVSS7AI score0.00362EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:39 a.m.12 views

CVE-2024-7826

Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit wrURL.Dll modules allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3...

9.8CVSS7AI score0.00362EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:22 a.m.7 views

CVE-2023-48708

CodeIgniter Shield is an authentication and authorization provider for CodeIgniter 4. In affected versions successful login attempts are recorded with the raw tokens stored in the log table. If a malicious person somehow views the data in the log table they can obtain a raw token which can then b...

6.5CVSS6.7AI score0.0063EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:32 a.m.6 views

CVE-2023-27580

CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vulnerability...

7.5CVSS7AI score0.00517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:16 p.m.8 views

CVE-2021-1069

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss...

6.1CVSS6.7AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:32 p.m.8 views

CVE-2021-26276

scripts/cli.js in the GoDaddy node-config-shield aka Config Shield package before 0.2.2 for Node.js calls eval when processing a set command. NOTE: the vendor reportedly states that this is not a vulnerability. The set command was not intended for use with untrusted data...

5.3CVSS6.1AI score0.01207EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:30 p.m.6 views

CVE-2021-1068

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges...

7.8CVSS7AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:30 p.m.6 views

CVE-2021-27189

The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation...

5.9CVSS6.6AI score0.00987EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:11 p.m.12 views

CVE-2021-1067

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges...

6.8CVSS7.2AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:39 p.m.3 views

CVE-2010-5176

Race condition in Security Shield 2010 13.0.16.313 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.2CVSS7AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 a.m.16 views

CVE-2019-5699

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, co...

7.8CVSS8AI score0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:29 a.m.9 views

CVE-2019-5681

NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure...

7.8CVSS7AI score0.00457EPSS
Exploits0References1
Rows per page
Query Builder