Lucene search
K

22 matches found

NVD
NVD
added 2026/04/16 7:16 a.m.5 views

CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

7.1CVSS0.00305EPSS
Exploits0References1
CVE
CVE
added 2026/04/16 5:54 a.m.14 views

CVE-2026-3861

Affected software: LINE client for iOS (versions prior to 26.3.0). Vulnerability details: In the in-app browser, opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially making the iOS device temporarily ino...

7.1CVSS5.3AI score0.00305EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/18 2:17 p.m.28 views

CVE-2026-27099

Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...

0.00505EPSS
Exploits0References1
OSV
OSV
added 2025/12/03 12:34 p.m.2 views

SUSE-SU-2025:4319-1 Security update for cups

This update for cups fixes the following issues: - The fix for CVE-2025-58436 causes a regression where GTK applications will hang. bsc1254353 See also https://github.com/OpenPrinting/cups/issues/1429 The fix has been temporary disabled...

5.5CVSS5.7AI score0.00195EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/10/16 12:0 a.m.3 views

openSUSE 15 Security Update : libxslt (SUSE-SU-2025:03595-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03595-1 advisory. - last fix caused a regression, patch was temporary disabled bsc1250553 Tenable has extracted the preceding description block directly from the SUSE securit...

5.5CVSS5.5AI score0.00161EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/10/14 9:7 p.m.3 views

Security update for libxslt

This update for libxslt fixes the following issues: last fix caused a regression, patch was temporary disabled bsc1250553 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

6.8CVSS7AI score0.00161EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26509

Malicious code in bioql PyPI...

5.1CVSS6.5AI score0.00101EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/19 12:0 a.m.7 views

WordPress plugin Temporarily Hidden Content 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.4CVSS5.7AI score0.00218EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/19 12:0 a.m.5 views

PT-2025-30111 · WordPress · Temporarily Hidden Content

Name of the Vulnerable Software and Affected Versions: Temporarily Hidden Content plugin for WordPress versions up to and including 1.0.6 Description: The Temporarily Hidden Content plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s temphc-start shortcode...

6.4CVSS5.7AI score0.00218EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/23 12:0 a.m.4 views

PT-2024-40216 · Silverstripe · Silverstripe

Name of the Vulnerable Software and Affected Versions: SilverStripe forms affected versions not specified Description: The issue concerns form fields in SilverStripe forms that return isReadonly as true, making them vulnerable to reflected XSS injections. This includes fields like ReadonlyField,...

6.1CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.6 views

PT-2024-24996 · WordPress · User Registration – Custom Registration Form

Name of the Vulnerable Software and Affected Versions: User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin versions up to, and including, 3.1.5 Description: The issue is related to unauthorized loss of data due to a missing capability check on the profile p...

6.5CVSS6.9AI score0.0091EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2024/04/23 12:0 a.m.39 views

golang security update

1.20.12-4 - Rebuild for z-stream - Related: RHEL-28939 1.20.12-3 - Fix CVE-2023-45288 - Resolves: RHEL-28939 - Temporarily disable FIPS tests RHELBLD-14822...

7.5CVSS7.1AI score0.91969EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.10 views

PT-2024-3990

Name of the Vulnerable Software and Affected Versions Progress Telerik Report Server versions 2024 Q1 10.0.24.305 or earlier Description The issue is related to an authentication bypass vulnerability in Progress Telerik Report Server, allowing an unauthenticated attacker to gain access to...

9.9CVSS5.9AI score0.97482EPSS
Exploits14References62
Positive Technologies
Positive Technologies
added 2024/01/07 12:0 a.m.4 views

PT-2024-15451 · Beijing Baichuo · Beijing Baichuo Smart S150 Management Platform

Name of the Vulnerable Software and Affected Versions: Beijing Baichuo Smart S150 Management Platform versions up to 20240101 Description: A critical issue affects some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of...

9.8CVSS6.6AI score0.05703EPSS
Exploits1References8
Openbugbounty
Openbugbounty
added 2023/06/24 10:52 p.m.18 views

gaspares.com.au Cross Site Scripting vulnerability OBB-3466216

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OSV
OSV
added 2023/01/17 3:57 p.m.9 views

GSD-2023-1000070 drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame

drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.12 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/19 12:0 a.m.3 views

PT-2022-24956 · Alibaba · Aliyun-Oss-Client

Name of the Vulnerable Software and Affected Versions: aliyun-oss-client versions prior to 0.8.1 Description: The aliyun-oss-client unintentionally divulges the authentication secret. Users of this library will be affected, as the incoming secret will be disclosed unintentionally. Recommendations...

5.6CVSS4.3AI score0.00421EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/06/14 12:0 a.m.5 views

SAP 3D Visual Enterprise Viewer 输入验证错误漏洞

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP Germany. The software supports publishing 2D and 3D scenes in all industry-standard desktop applications and supports separate installations as standalone executables and ActiveX spaces. The vulnerability can be exploited to crash the...

5.5CVSS5.6AI score0.00695EPSS
Exploits0References3
Prion
Prion
added 2021/01/12 3:15 p.m.20 views

Input validation

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

6.8CVSS8.6AI score0.01199EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/06/25 12:0 a.m.8 views

PT-2020-14546 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version cwp-e17.0.9.8.923 Description: This issue allows remote attackers to write arbitrary files on affected installations. Authentication is not required to exploit this issue. The flaw exists within the ajax mod...

10CVSS9.7AI score0.08335EPSS
Exploits0References2
Rows per page
Query Builder