Lucene search
+L

78 matches found

Cvelist
Cvelist
added 2025/09/12 9:2 p.m.39 views

CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

6.5CVSS0.10158EPSS
Exploits3References4
CVE
CVE
added 2025/09/12 9:2 p.m.36 views

CVE-2025-10327

CVE-2025-10327 affects MiczFlor RPi-Jukebox-RFID up to version 2.8.0. The vulnerability is an OS command injection in the shuffle.php endpoint located at /htdocs/api/playlist/shuffle.php, triggered by manipulating the playlist argument. It is exploitable remotely and public proofs of concept exis...

9.8CVSS6.4AI score0.10158EPSS
Exploits3References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-34453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a...

7.5CVSS6.7AI score0.01707EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/06/01 12:0 a.m.5 views

IDCloak: a Practical Secure Multi-Party Dataset Join Framework for Vertical Privacy-Preserving Machine Learning

Vertical privacy-preserving machine learning vPPML enables multiple parties to train models on their vertically distributed datasets while keeping datasets private. In vPPML, it is critical to perform the secure dataset join, which aligns features corresponding to intersection IDs across datasets...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.4 views

CVE-2024-56375

An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a Manifest RPKI object containing an empty fileList. Fort dereferences and, shortly afterwards, writes to this array during a...

7.5CVSS6.9AI score0.0045EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:13 a.m.3 views

CVE-2023-25674

TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1...

7.5CVSS6.8AI score0.00391EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/06 12:0 a.m.4 views

Differential Privacy for Network Assortativity

The analysis of network assortativity is of great importance for understanding the structural characteristics of and dynamics upon networks. Often, network assortativity is quantified using the assortativity coefficient that is defined based on the Pearson correlation coefficient between vertex...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/25 10:58 p.m.16 views

CVE-2025-39591

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

5.4CVSS7.2AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 3:56 p.m.13 views

CVE-2025-39592

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through = 1.3.0...

7.5CVSS7.2AI score0.00778EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 1:15 p.m.24 views

CVE-2025-39591

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

5.4CVSS0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/03 9:53 a.m.6 views

CVE-2025-30782

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...

7.5CVSS7.2AI score0.00768EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 6:15 a.m.15 views

CVE-2025-30782

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...

7.5CVSS0.00768EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 5:31 a.m.55 views

CVE-2025-30782

CVE-2025-30782 corresponds to a WordPress vulnerability in the Subscribe to Download Lite plugin (

7.5CVSS7.2AI score0.00768EPSS
Exploits0References1
CNVD
CNVD
added 2025/03/31 12:0 a.m.7 views

WordPress Shuffle plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shuffle plugin suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements. An attacker can exploit this...

8.5CVSS7.2AI score0.00508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:45 a.m.11 views

CVE-2025-30784

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows SQL Injection.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

8.5CVSS7.3AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:34 a.m.5 views

CVE-2025-30785

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...

7.5CVSS7.2AI score0.00942EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/28 5:47 p.m.7 views

CVE-2025-28873

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Scott Taylor Shuffle shuffle allows Blind SQL Injection.This issue affects Shuffle: from n/a through = 0.5...

8.5CVSS7.3AI score0.00508EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.7 views

CVE-2025-30784

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows SQL Injection.This issue affects WP Subscription Forms: from n/a through = 1.2.3...

8.5CVSS0.00423EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.5 views

CVE-2025-30785

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...

7.5CVSS0.00942EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 10:54 a.m.42 views

CVE-2025-30785

CVE-2025-30785 corresponds to a local file inclusion in the WordPress plugin Subscribe to Download Lite. The weakness arises from improper control of filename in an include/require statement (PHP). The vulnerable condition is authenticated access (Contributor+) and is tied to the Subscribe to Dow...

7.5CVSS7.2AI score0.00942EPSS
Exploits0References1
Rows per page
Query Builder