Lucene search
K

663 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.3 views

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2026-1011)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. Thi...

7.7CVSS7.1AI score0.73495EPSS
Exploits3References2
NVD
NVD
added 2026/01/06 8:15 a.m.4 views

CVE-2025-14371

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the taxopressaiaddpostterm function in all versions up to, and including, 3.41.0. This makes it possible for authenticat...

4.3CVSS0.00193EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.6 views

PT-2026-1421

Name of the Vulnerable Software and Affected Versions The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress versions through 3.41.0 Description The software contains a flaw that allows unauthorized modification of data. Specifically, a missing capability check...

4.3CVSS6.2AI score0.00193EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/05 6:7 p.m.3 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/01/05 6:1 p.m.6 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/01/05 5:40 p.m.4 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/01/05 12:51 a.m.9 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedhatCVE
RedhatCVE
added 2026/01/01 3:32 p.m.18 views

CVE-2025-62139

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through = 3.4.10...

5.3CVSS5.9AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 3:15 p.m.4 views

CVE-2025-62139

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through = 3.4.10...

5.3CVSS0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 3:8 p.m.2 views

CVE-2025-62139 WordPress Terms descriptions plugin <= 3.4.9 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9...

5.3CVSS6.5AI score0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 3:8 p.m.27 views

CVE-2025-62139 WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through = 3.4.10...

5.3CVSS0.00192EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 3:8 p.m.6 views

EUVD-2025-206039

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9...

5.3CVSS6.4AI score0.00192EPSS
Exploits0References2
CVE
CVE
added 2025/12/31 3:8 p.m.11 views

CVE-2025-62139

CVE-2025-62139 affects the Terms descriptions plugin (versions

5.3CVSS5.9AI score0.00192EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 3:5 p.m.7 views

WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Terms descriptions versions = 3.4.10...

5.3CVSS5.9AI score0.00192EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.5 views

PT-2025-54345

Name of the Vulnerable Software and Affected Versions Vladimir Statsenko Terms descriptions versions through 3.4.9 Description A flaw exists in Vladimir Statsenko Terms descriptions that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data...

5.3CVSS6.3AI score0.00192EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.6 views

WordPress plugin Terms descriptions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/16 12:25 a.m.4 views

CVE-2025-66436

An SSTI Server-Side Template Injection vulnerability exists in the gettermsandconditions method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates terms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...

4.3CVSS7.5AI score0.00289EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/15 6:30 p.m.6 views

EUVD-2025-203390

An SSTI Server-Side Template Injection vulnerability exists in the gettermsandconditions method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates terms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...

7AI score0.00289EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/15 6:30 p.m.6 views

EUVD-2025-203396

An SSTI Server-Side Template Injection vulnerability exists in the getcontracttemplate method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contractterms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...

7AI score0.00289EPSS
Exploits1References3
NVD
NVD
added 2025/12/15 6:15 p.m.5 views

CVE-2025-66436

An SSTI Server-Side Template Injection vulnerability exists in the gettermsandconditions method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates terms using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...

4.3CVSS0.00289EPSS
Exploits1References2
Rows per page
Query Builder