Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.15 views

RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References3
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:45 p.m.10 views

CVE-2026-10291

A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...

5.3CVSS5.4AI score0.00354EPSS
Exploits0References10Affected Software1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin CitiLights 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.6AI score0.00237EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/27 2:51 a.m.2 views

WordPress Scheduled & Automatic Order Status Controller for WooCommerce plugin <= 3.7.1 - Open Redirection Vulnerability

Open Redirection Vulnerability discovered by Le Ngoc Anh in WordPress Plugin Scheduled & Automatic Order Status Controller for WooCommerce versions = 3.7.1...

4.7CVSS6.9AI score0.00436EPSS
Exploits0Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/12/24 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-48307

JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData...

9.8CVSS5.8AI score0.4457EPSS
Exploits1References1
Elastic
Elastic
added 2024/06/05 8:57 p.m.9 views

Elastic Cloud Enterprise 3.7.1 Security Update (ESA-2024-08)

Elastic Cloud Enterprise - Uncontrolled Resource Consumption through HTTP/2 endpoints - CVE-2023-45288 ESA-2024-08 On April 4, 2024, the Go Project announced CVE-2023-45288, which can lead to CPU exhaustion as an attacker can cause an HTTP/2 endpoint to read arbitrary amounts of header data. In t...

7.5CVSS9.1AI score0.91969EPSS
Exploits1
CNNVD
CNNVD
added 2023/10/13 12:0 a.m.5 views

1E Platform SQL Injection Vulnerability

1E Platform is a terminal endpoint management and automation solution from 1E. A security vulnerability exists in 1E Platform versions prior to v8.1.2, prior to v8.4.1, prior to v9.0.1, and prior to v23.7.1 SaaS, which stems from the incorrect neutralization of special elements used in SQL...

9.9CVSS8.1AI score0.00642EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/29 12:15 a.m.2 views

CVE-2023-34738

Chemex through 3.7.1 is vulnerable to arbitrary file upload...

9.8CVSS7.5AI score0.0077EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.5 views

SUSE CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS7.6AI score0.01243EPSS
Exploits1References3
Circl
Circl
added 2022/12/01 8:36 p.m.5 views

CVE-2022-3713

creationtimestamp| type| source ---|---|--- 2022-12-01 20:36:58+00:00| seen| https://t.me/cibsecurity/53778 2022-12-07 10:30:06+00:00| exploited| https://t.me/truesecator/3794...

8.8CVSS8.1AI score0.00682EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/18 12:0 a.m.5 views

WordPress plugin Phone Orders for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.5AI score0.00591EPSS
Exploits0References3
Circl
Circl
added 2022/08/24 4:27 p.m.5 views

CVE-2022-37153

creationtimestamp| type| source ---|---|--- 2022-08-24 16:27:36+00:00| seen| https://t.me/cibsecurity/48640 2022-08-25 15:01:03+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6670 2025-09-17 21:02:39+00:00| seen|...

6.1CVSS6.3AI score0.01393EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2019/07/12 12:0 a.m.8 views

PT-2019-11610 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions prior to 3.7.1 Moodle versions prior to 3.6.5 Moodle versions prior to 3.5.7 Description: A flaw was found in the XML loading/unloading admin tool where a sesskey CSRF token was not being utilized. Recommendations: For version...

8.8CVSS4.3AI score0.01093EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2018/06/19 12:0 a.m.5 views

PT-2018-2307

Name of the Vulnerable Software and Affected Versions Sprockets versions 4.0.0.beta7 and lower Sprockets versions 3.7.1 and lower Sprockets versions 2.12.4 and lower Description The issue is related to errors in request processing, allowing a remote attacker to read files outside an application's...

7.5CVSS6.6AI score0.26717EPSS
Exploits2References60
Rows per page
Query Builder