Lucene search
K

15 matches found

CNNVD
CNNVD
added 2026/03/11 12:0 a.m.5 views

WordPress plugin Happy Addons for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

5.4CVSS5.8AI score0.00193EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.3 views

CVE-2025-67940

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through 3.2.1...

8.1CVSS5.5AI score0.00504EPSS
Exploits0References1
NVD
NVD
added 2026/01/14 6:16 p.m.6 views

CVE-2026-22856

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it. This vulnerability is fixed in 3.20.1...

8.1CVSS0.00286EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-3460

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description The issue is a buffer overflow in the Glyph Alloc function of the FreeRDP Remote Desktop Protocol client. The FastGlyph parsing component trusts the cbData/remaining length and does not validate it...

9.8CVSS7.2AI score0.00534EPSS
Exploits5References247
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.4 views

WordPress Compare Products for WooCommerce plugin <= 3.2.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Compare Products for WooCommerce versions = 3.2.1...

6.1CVSS5.4AI score0.00354EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-202140

Missing Authorization vulnerability in Mikado-Themes Powerlift powerlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Powerlift: from n/a through 3.2.1...

6.5AI score0.00239EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27724

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 7:46 p.m.3 views

CVE-2025-58442 Saleor has user enumeration vulnerability due to different error messages

Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of accountRegister may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the...

5.3CVSS6.1AI score0.0029EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 2:52 a.m.3 views

CVE-2023-0878

Cross-site Scripting XSS - Generic in GitHub repository nuxt/framework prior to 3.2.1...

6.1CVSS6.4AI score0.00528EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:28 a.m.11 views

CVE-2022-48175

Rukovoditel v3.2.1 was discovered to contain a remote code execution RCE vulnerability in the component /rukovoditel/index.php?module=dashboard/ajaxrequest...

9.8CVSS8.3AI score0.0174EPSS
Exploits1
NVD
NVD
added 2025/02/25 3:15 p.m.4 views

CVE-2025-26751

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood Alphabetic Pagination alphabetic-pagination allows Reflected XSS.This issue affects Alphabetic Pagination: from n/a through = 3.2.1...

7.1CVSS0.00252EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/17 12:0 a.m.4 views

Nagios NRPE Heap Buffer Overflow Vulnerability

Nagios NRPE is an extension of Nagios to execute plug-in programs on remote Linux/Unix hosts. A heap buffer overflow vulnerability exists in Nagios NRPE 3.2.1. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS7.5AI score0.03871EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/04 12:0 a.m.3 views

iScripts EasyCreate cross-site scripting vulnerability (CNVD-2018-08315)

IScripts EasyCreate is a set of online website builder from Iscripts, Inc. The tool can be used on the server for the client to provide website building services , belong to the fully customizable . A cross-site scripting vulnerability exists in the Site title field in IScripts EasyCreate version...

5.4CVSS6.1AI score0.01882EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2012/02/09 4:33 p.m.4 views

kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries

The igmpheardquery function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service divide-by-zero error and panic via IGMP packets...

7.8CVSS7.2AI score0.20492EPSS
Exploits5References4
securityvulns
securityvulns
added 2001/08/17 12:0 a.m.77 views

[LoWNOISE] Tomcat 3.2.1 ..0 DoS &#40;WinNT&#41;

-- LoWNOISE Aug/2001 -- Jakarta-Tomcat v3.2.1 Maybe Others Tested on: Apache 1.3.19 WinNT 4.0 The Problems: --Path Revealing and Method discovery Example: http://host/index.jsp Error: 500 Location: /index.jsp Internal Servlet Error: org.apache.jasper.JasperException: Unable to compile class for J...

0.1AI score
Exploits0
Rows per page
Query Builder