
276247 matches found

OSV
added 2026/02/03 12:16 a.m. | 3 views

DEBIAN-CVE-2025-61639

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...

CVSS 4.8 | AI score 5.3 | EPSS 0.0022
Exploits: 0 | References: 1
OSV
added 2026/02/03 12:16 a.m. | 2 views

DEBIAN-CVE-2025-61635

Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit:...

AI score 5.2 | EPSS 0.00356
Exploits: 0 | References: 1
OSV
added 2026/02/03 12:16 a.m. | 4 views

DEBIAN-CVE-2025-61638

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php. This issue affects...

CVSS 4.8 | AI score 5.3 | EPSS 0.00233
Exploits: 0 | References: 1
OSV
added 2026/02/03 12:16 a.m. | 4 views

DEBIAN-CVE-2025-61636

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4,...

CVSS 4.8 | AI score 5.3 | EPSS 0.00211
Exploits: 0 | References: 1
OSV
added 2026/02/03 12:16 a.m. | 2 views

DEBIAN-CVE-2025-61634

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

CVSS 3.1 | AI score 5.2 | EPSS 0.00273
Exploits: 0 | References: 1
Positive Technologies
added 2026/02/03 12:0 a.m. | 5 views

PT-2026-6003

Name of the Vulnerable Software and Affected Versions: AKCE Software Technology R&D Industry and Trade Inc. SKSPro versions through 07012026. Description: An issue exists in AKCE Software Technology R&D Industry and Trade Inc. SKSPro that allows for Reflected Cross-site Scripting (XSS). This is due to...

CVSS 7.6 | AI score 5.4 | EPSS 0.00258
Exploits: 0 | References: 3
CNNVD
added 2026/02/03 12:0 a.m. | 7 views

Wikimedia MediaWiki Security Vulnerability

Wikimedia MediaWiki is a web application developed by the Wikimedia Foundation for building Wiki websites. Versions of MediaWiki prior to 1.39.16, 1.43.6, 1.44.3, and 1.45.1 contained security vulnerabilities due to a flaw in the includes/Api/ApiQueryRevisionsBase.Php file...

CVSS 6.5 | AI score 5.8 | EPSS 0.00211
Exploits: 0 | References: 1
Positive Technologies
added 2026/02/03 12:0 a.m. | 3 views

PT-2026-5942

Name of the Vulnerable Software and Affected Versions: Ankara Hosting Website Design Website Software version 03022026. Description: The software contains a Reflected Cross-site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows an attacker to inject...

CVSS 8.6 | AI score 5.4 | EPSS 0.00234
Exploits: 0 | References: 5
Tenable Nessus
added 2026/02/03 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-36184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their...

CVSS 7.2 | AI score 6.7 | EPSS 0.00471
Exploits: 0 | References: 2
Tenable Nessus
added 2026/02/03 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-36423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper...

CVSS 6.5 | AI score 5.8 | EPSS 0.00242
Exploits: 0 | References: 2
Spring Security Advisories
added 2026/02/03 12:0 a.m. | 5 views

This Week in Spring - February 3rd, 2026

Hi, Spring fans! This week I'm in northern Europe. I went on the Vaadin cruise from Finland to Sweden, gave a talk on a boat, then arrived in Stockholm in time for the amazing JFokus 2026 event where I had the privilege yesterday of doing a deep dive with my pal James Ward on Spring AI and agenti...

AI score 5.4
Exploits: 0
CNNVD
added 2026/02/03 12:0 a.m. | 8 views

FUXA Security Vulnerability

FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from the project import function not properly cleaning or sandboxing the scripts provided by users. As a result, remote code execution may...

CVSS 9.8 | AI score 6.4 | EPSS 0.00416
Exploits: 0 | References: 1
Tenable Nessus
added 2026/02/03 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-36365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage...

CVSS 7.5 | AI score 6.6 | EPSS 0.00261
Exploits: 0 | References: 2
CNNVD
added 2026/02/03 12:0 a.m. | 10 views

LUNA software Cross-Site Scripting Vulnerability

LUNA software is a digital audio workstation developed by the British company LUNA. Version 7.5.5.6 of LUNA software contains a cross-site scripting vulnerability. This vulnerability stems from the improper handling of user input in the Edit Batch Name function, which may lead to storage-based...

CVSS 5.1 | AI score 5.6 | EPSS 0.00243
Exploits: 0 | References: 1
CNNVD
added 2026/02/03 12:0 a.m. | 6 views

FUXA Security Vulnerability

FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from unsafe default configurations in the server/settings.default.js file, which disable authentication. As a result, unauthenticated remot...

CVSS 9.3 | AI score 5.8 | EPSS 0.00463
Exploits: 0 | References: 1
Positive Technologies
added 2026/02/03 12:0 a.m. | 4 views

PT-2026-5838

Name of the Vulnerable Software and Affected Versions: School ERP Pro version 1.0. Description: School ERP Pro version 1.0 has a flaw that allows attackers to read arbitrary files without needing to log in. This is possible by manipulating the document parameter within the 'download.php' file. By...

CVSS 8.7 | AI score 5.6 | EPSS 0.02564
Exploits: 1 | References: 7
Positive Technologies
added 2026/02/03 12:0 a.m. | 5 views

PT-2026-6184

Name of the Vulnerable Software and Affected Versions: Apache Syncope versions 3.0 through 3.0.15; Apache Syncope versions 4.0 through 4.0.3. Description: An issue exists in Apache Syncope Console where an administrator with sufficient privileges to create or edit Keymaster parameters can construct...

CVSS 4.9 | AI score 5.4 | EPSS 0.00827
Exploits: 0 | References: 15
Positive Technologies
added 2026/02/03 12:0 a.m. | 5 views

PT-2026-6002

Name of the Vulnerable Software and Affected Versions: Seres Software syWEB versions through 03022026. Description: The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. The vendor was contacted...

CVSS 7.6 | AI score 5.4 | EPSS 0.00175
Exploits: 0 | References: 4
CNNVD
added 2026/02/03 12:0 a.m. | 7 views

Ankara Host Website Software Cross-Site Scripting Vulnerability

Ankara Host Website Software is a web design software developed by Ankara Host in Turkey. Versions of Ankara Host Website Software prior to 03022026 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input during web page generation, and could lead to...

CVSS 8.6 | AI score 5.7 | EPSS 0.00234
Exploits: 0 | References: 1
CNVD
added 2026/02/03 12:0 a.m. | 3 views

Information Leakage Vulnerability in E3 Omni-Channel Central Platform of Shanghai Esaote Software Co.

E3 Omni-Channel Middle is an omni-channel new retail solution product for medium and large enterprises. Ltd. E3 Omni-Channel Middleware suffers from an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...

AI score 5.8
Exploits: 0