Lucene search
K

11 matches found

CVE
CVE
added 2026/05/21 5:9 p.m.20 views

CVE-2026-48217

Open ISES Tickets prior to 3.44.2 is affected by a reflected XSS in delete_module.php. The vulnerability allows an authenticated attacker to inject arbitrary JavaScript by passing unsanitized values through POST parameters module_choice, flag, and confirmation, which are then rendered into HTML c...

5.4CVSS5.8AI score0.00212EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/20 7:34 p.m.7 views

CVE-2026-35008

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into an HTML attribute. Attackers can craft a...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/20 7:31 p.m.9 views

CVE-2026-35007

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in singleunit.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id GET parameter directly into an HTML attribute. Attackers can craft a maliciou...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/20 4:14 a.m.5 views

EUVD-2026-3449

Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.4AI score0.00382EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : dotnet6.0-6.0.123-1.el9.ML.1 (AXSA:2023-6529:25)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6529:25 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

7.5CVSS7.5AI score0.99999EPSS
Exploits19References2
NVD
NVD
added 2025/11/13 10:15 a.m.4 views

CVE-2025-64274

Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through = 3.4.4...

4.3CVSS0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.2 views

WordPress plugin WPKoi Templates for Elementor 安全漏洞

WordPress WPKoi Templates for Elementor plugin is a template plugin designed for Elementor page builder, offering 400+ preset templates and dynamic elements to help users quickly create visual websites. The WordPress WPKoi Templates for Elementor plugin suffers from a missing authorization...

4.3CVSS6.4AI score0.00162EPSS
Exploits0References1
Amazon
Amazon
added 2023/10/17 12:0 a.m.24 views

Important: dotnet6.0

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0...

7.5CVSS7.5AI score0.99999EPSS
Exploits19
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.4 views

AudioCodes VoIP Trust Management Issues Vulnerability

AudioCodes VoIP is a series of desk phones from the Israeli company AudioCodes. A security vulnerability exists in AudioCodes VoIP desk phones version 3.4.4.1000 and earlier versions, which stems from the use of hard-coded keys in libacdes3.so...

7.5CVSS6.7AI score0.01131EPSS
Exploits2References5
CNNVD
CNNVD
added 2023/03/06 12:0 a.m.6 views

jeecg SQL注入漏洞

jeecg is a software application. An intelligent development platform based on a code generator. A security vulnerability exists in jeecg jeecg-boot version v3.4.4, which stems from the discovery of the inclusion of an SQL injection vulnerability via the build block report component...

8.8CVSS8.2AI score0.00842EPSS
Exploits1References2
OSV
OSV
added 2021/10/31 3:8 p.m.4 views

OPENSUSE-SU-2021:1426-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. bsc1183709 - CVE-2020-14312: Set --local-service by default bsc1173646. - Open inotify socket only when used bsc1180914. This update w...

5.9CVSS5.2AI score0.01988EPSS
Exploits1References6
Rows per page
Query Builder