Lucene search
K

72 matches found

RedhatCVE
RedhatCVE
added 2025/05/31 7:50 p.m.17 views

CVE-2025-48336

Deserialization of Untrusted Data vulnerability in ThimPress Course Builder course-builder allows Object Injection.This issue affects Course Builder: from n/a through 3.6.6...

9.8CVSS7.2AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:2 p.m.6 views

CVE-2022-32283

Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified vectors...

4.3CVSS6.5AI score0.00728EPSS
Exploits0References1
CVE
CVE
added 2025/04/04 12:59 p.m.39 views

CVE-2025-31421

CVE-2025-31421 : SrbTransLatin (Serbian Latinisation) plugin vulnerability permitting unauthenticated sensitive information exposure via an externally accessible file path; description indicates sensitive data retrieval. Connected data confirms this is an exposure issue for SrbTransLatin

5.8CVSS7.2AI score0.00295EPSS
Exploits0References1
NVD
NVD
added 2025/03/24 2:15 p.m.6 views

CVE-2025-30558

Cross-Site Request Forgery CSRF vulnerability in EnzoCostantini55 ANAC XML Render anac-xml-render allows Stored XSS.This issue affects ANAC XML Render: from n/a through = 1.5.7...

7.1CVSS0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 3:14 p.m.7 views

CVE-2025-25161

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SocialEvolution WP Find Your Nearest wp-find-your-nearest allows Reflected XSS.This issue affects WP Find Your Nearest: from n/a through = 0.3.1...

7.1CVSS7.2AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2025/02/28 5:57 a.m.3 views

BELL-CVE-2024-57995

Bulletin has no description...

7.8CVSS7.2AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/13 7:34 p.m.13 views

CVE-2023-37569

This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...

8.8CVSS7.6AI score0.24029EPSS
Exploits4References4
RedhatCVE
RedhatCVE
added 2025/02/07 9:50 a.m.6 views

CVE-2025-24556

Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through = 3.2.4...

5.9AI score0.00517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:33 a.m.10 views

CVE-2025-24734

Missing Authorization vulnerability in CodeSolz Better Find and Replace real-time-auto-find-and-replace allows Privilege Escalation.This issue affects Better Find and Replace: from n/a through = 1.6.7...

8.8CVSS7.4AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:51 a.m.6 views

CVE-2024-50532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jerin K Alexander Events Manager Pro – extended events-manager-pro-extended allows Reflected XSS.This issue affects Events Manager Pro – extended: from n/a through = 0.1...

7.1CVSS5.9AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:7 a.m.7 views

CVE-2024-54367

Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from n/a through = 2.1.0...

9.8CVSS7.2AI score0.00694EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/07 7:49 a.m.8 views

CVE-2024-11627

: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421...

6.8CVSS6.7AI score0.00318EPSS
Exploits0References2
NVD
NVD
added 2024/12/13 3:15 p.m.32 views

CVE-2023-40334

Missing Authorization vulnerability in RealMag777 HUSKY woocommerce-products-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through = 1.3.4.2...

8.8CVSS0.00477EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/03 12:0 a.m.4 views

PT-2024-18605 · Mms · Mms

Name of the Vulnerable Software and Affected Versions: mms affected versions not specified Description: The issue is related to a possible out of bounds write in mms due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User...

6.7CVSS6.4AI score0.00079EPSS
Exploits0References7
Hewlett-Packard
Hewlett-Packard
added 2024/05/14 12:0 a.m.39 views

Intel Thunderbolt Driver May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt driver software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP h...

7CVSS7.4AI score0.0017EPSS
Exploits0Affected Software173
OSV
OSV
added 2024/03/22 1:15 p.m.9 views

CVE-2024-29944

An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox 124.0.1 and...

8.4CVSS7.6AI score
Exploits0References5
OSV
OSV
added 2023/08/31 12:16 p.m.0 views

BELL-CVE-2019-15845 CVE-2019-15845 does not affect BellSoft software

Bulletin has no description...

6.5CVSS7.3AI score0.03317EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/05/15 12:0 a.m.45 views

JVN#41694426: Multiple vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3122 Denial-of-service DoS in Message CWE-400 - CVE-2023-26595 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L| Base Score: 5.0 CVSS v2| AV:N/AC:L/Au:S/C:N/I:N/A:P...

6.5CVSS5.2AI score0.00534EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/05/12 12:0 a.m.5 views

PT-2023-15846 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It appears to be a notification about a candidate number that is not in use...

6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/02 12:0 a.m.6 views

PT-2023-23323 · Evasys · Evasys

Name of the Vulnerable Software and Affected Versions: evasys versions prior to 8.2 Build 2286 evasys versions 9.x prior to 9.0 Build 2401 Description: The issue concerns the lack of input validation for certain parameters in evasys, specifically nutzer titel, nutzer vn, nutzer nn, langID, and...

5.4CVSS5.2AI score0.00468EPSS
Exploits1References4
Rows per page
Query Builder