Lucene search
+L

674 matches found

CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

WordPress plugin Strong Testimonials 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00199EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/04/08 12:0 a.m.6 views

OpenSSL Toolkit 3.0.20

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.0 LTS release...

7.5CVSS5.9AI score0.01059EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/08 12:0 a.m.6 views

OpenSSL Toolkit 3.6.2

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.6 release...

7.5CVSS5.9AI score0.01059EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.6 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-33413)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33413 advisory. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions...

8.8CVSS6AI score0.00249EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/24 2:33 a.m.3 views

Improper Control of Dynamically-Managed Code Resources

Overview graphiti is an Easily build jsonapi.org-compatible APIs Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the Graphiti::Util::ValidationResponseallvalid? method recursively calls model.sendname. An attacker can execute arbitrar...

9.1CVSS6.2AI score0.00632EPSS
Exploits0References2
OSV
OSV
added 2026/03/23 11:52 p.m.4 views

CVE-2026-33286 Graphiti Affected by Arbitrary Method Execution via Unvalidated Relationship Names

Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary...

9.1CVSS6.2AI score0.00632EPSS
Exploits0References5
HackRead
HackRead
added 2026/03/12 11:47 a.m.16 views

Maintaining Security and Protecting Smart Home Devices from Hackers

Learn how to protect smart home devices from hackers. Strong passwords, updates and secure networks help keep cameras, sensors and data safe...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/10 5:27 p.m.5 views

EUVD-2026-10707

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

7.6CVSS5.8AI score0.00381EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.8 views

PT-2026-24341

Name of the Vulnerable Software and Affected Versions Coral Server versions prior to 1.1.0 Description Coral Server is an open collaboration infrastructure designed for communication, coordination, trust, and payments within The Internet of Agents. Before version 1.1.0, the software permitted the...

9.1CVSS5.8AI score0.00319EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.7 views

Lockbox -- a Zero Trust Architecture for Secure Processing of Sensitive Cloud Workloads

Enterprises increasingly rely on cloud-based applications to process highly sensitive data artifacts. Although cloud adoption improves agility and scalability, it also introduces new security challenges such as expanded attack surfaces, a wider radius of attack from credential compromise, and...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.4 views

CVE-2026-24957

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

6.5CVSS5.3AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 3:16 p.m.15 views

CVE-2026-24957

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

6.5CVSS0.00248EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:8 p.m.3 views

CVE-2026-24957

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

5.3AI score0.00248EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 2:8 p.m.26 views

CVE-2026-24957 WordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

6.5CVSS0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 2:8 p.m.6 views

EUVD-2026-5221

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

6.5CVSS5.3AI score0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 2:8 p.m.5 views

CVE-2026-24957 WordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through = 3.2.20...

5.3AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 2:8 p.m.13 views

CVE-2026-24957

CVE-2026-24957 affects the WordPress plugin Strong Testimonials (WP Chill Strong Testimonials) up to version 3.2.20. The issue is a Missing Authorization / Broken Access Control vulnerability caused by incorrectly configured access control security levels, allowing unauthorized access to certain ...

6.5CVSS5.3AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

WordPress plugin Strong Testimonials 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 2:57 p.m.30 views

CVE-2025-64097 NervesHub has Insufficient Token Entropy that Allows Authentication Bypass via Brute Force

NervesHub is a web service that allows users to manage over-the-air OTA firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

9.5CVSS0.00422EPSS
Exploits0References3
OSV
OSV
added 2026/01/22 2:57 p.m.8 views

CVE-2025-64097 NervesHub has Insufficient Token Entropy that Allows Authentication Bypass via Brute Force

NervesHub is a web service that allows users to manage over-the-air OTA firmware updates of devices in the field. A vulnerability present starting in version 1.0.0 and prior to version 2.3.0 allowed attackers to brute-force user API tokens due to the predictable format of previously issued tokens...

9.5CVSS5.7AI score0.00422EPSS
Exploits0References5
Rows per page
Query Builder