
47 matches found

NVD
added 2026/05/18 8:16 p.m. | 11 views

CVE-2025-65954

SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redirect to. casserver treats that url as trusted, and either depending on configuration redirects the...

6.1 CVSS | 0.00269 EPSS
Exploits: 1 | References: 3
Cvelist
added 2026/05/18 7:57 p.m. | 32 views

CVE-2025-65954 SimpleSAMLphp-casserver has an Open Redirect vulnerability via logout

SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redirect to. casserver treats that url as trusted, and either depending on configuration redirects the...

4.7 CVSS | 0.00269 EPSS
Exploits: 1 | References: 3
EUVD
added 2026/05/18 7:57 p.m. | 10 views

EUVD-2025-209889

SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redirect to. casserver treats that url as trusted, and either depending on configuration redirects the...

4.7 CVSS | 5.8 AI score | 0.00269 EPSS
Exploits: 1 | References: 3
Tenable Nessus
added 2026/04/22 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-31485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: spi-fsl-lpspi: fix teardown order issue (UAF) There is a teardown order issue in the driver. The SPI controller is registered using devm_spi_register_controller...

7.8 CVSS | 5.8 AI score | 0.00126 EPSS
Exploits: 0 | References: 3
CNNVD
added 2026/03/03 12:0 a.m. | 6 views

Dell Optimizer link following vulnerability

Dell Optimizer is an intelligent optimization software developed by the American company Dell. Versions of Dell Optimizer prior to 6.3.1 had a link following vulnerability, which stemmed from improper link resolution before file access. This vulnerability could allow local, low-privilege attackers ...

7.8 CVSS | 5.8 AI score | 0.00165 EPSS
Exploits: 0 | References: 1
NVD
added 2026/01/16 1:16 p.m. | 8 views

CVE-2025-14510

Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX. This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120...

9.2 CVSS | 0.0039 EPSS
Exploits: 0 | References: 1
Cvelist
added 2026/01/16 1:2 p.m. | 28 views

CVE-2025-14510 ABB Ability OPTIMAX Authentication Bypass in Single-Sign On

Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX. This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120...

9.2 CVSS | 0.0039 EPSS
Exploits: 0 | References: 1
CVE
added 2026/01/16 1:2 p.m. | 14 views

CVE-2025-14510

CVE-2025-14510 affects ABB Ability OPTIMAX: 6.1, 6.2, and 6.3.0 before 6.3.1-251120, 6.4.0 before 6.4.1-251120. Root cause: incorrect implementation of the authentication algorithm, described as an authentication bypass in single sign-on. Administrative/impact details are not expanded beyond the ...

9.2 CVSS | 6.6 AI score | 0.0039 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/01/16 12:0 a.m. | 7 views

ABB Ability OPTIMAX security vulnerabilities

ABB Ability OPTIMAX is a digital energy management optimization system developed by the Swiss company ABB. There were security vulnerabilities in versions 6.1, 6.2, 6.3.0 through 6.3.1-251120, and from version 6.4.0 through 6.4.1-251120. These vulnerabilities stemmed from incorrect implementation...

9.2 CVSS | 5.8 AI score | 0.0039 EPSS
Exploits: 0 | References: 2
RedhatCVE
added 2025/12/19 7:32 a.m. | 3 views

CVE-2025-60082

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection. This issue affects PDF for WPForms: from n/a through <= 6.5.0...

8.8 CVSS | 5.2 AI score | 0.00355 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/12/19 7:32 a.m. | 5 views

CVE-2025-60084

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0...

8.8 CVSS | 5.9 AI score | 0.00362 EPSS
Exploits: 0 | References: 1
EUVD
added 2025/12/18 9:30 a.m. | 4 views

EUVD-2025-204106

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection. This issue affects PDF for WPForms: from n/a through <= 6.3.1...

8.8 CVSS | 6.5 AI score | 0.00355 EPSS
Exploits: 0 | References: 2
NVD
added 2025/12/18 8:16 a.m. | 4 views

CVE-2025-60084

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0...

8.8 CVSS | 0.00362 EPSS
Exploits: 0 | References: 1
NVD
added 2025/12/18 8:16 a.m. | 4 views

CVE-2025-60082

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection. This issue affects PDF for WPForms: from n/a through <= 6.5.0...

8.8 CVSS | 0.00355 EPSS
Exploits: 0 | References: 1
Cvelist
added 2025/12/18 7:22 a.m. | 31 views

CVE-2025-60084 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.5.0...

8.8 CVSS | 0.00362 EPSS
Exploits: 0 | References: 1
NVD
added 2025/10/03 7:15 p.m. | 13 views

CVE-2025-47213

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...

5.1 CVSS | 0.00439 EPSS
Exploits: 0 | References: 1
EUVD
added 2025/10/03 6:11 p.m. | 4 views

EUVD-2025-32331

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...

5.1 CVSS | 6.4 AI score | 0.00356 EPSS
Exploits: 0 | References: 2
EUVD
added 2025/10/03 6:10 p.m. | 4 views

EUVD-2025-32370

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...

5.1 CVSS | 6.4 AI score | 0.00439 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2025/09/10 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-28853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remot...

5.9 CVSS | 5.9 AI score | 0.00551 EPSS
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/23 5:20 a.m. | 6 views

CVE-2023-21925

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

5.3 CVSS | 5.6 AI score | 0.00633 EPSS
Exploits: 0 | References: 1