Lucene search
+L

112 matches found

CVE
CVE
added 2025/10/07 12:37 p.m.25 views

CVE-2025-40889

CVE-2025-40889 involves a path traversal in Nozomi Networks Guardian/CMC Time Machine functionality caused by inadequate validation of two input parameters. An authenticated user with limited privileges can craft requests to potentially alter file structures/content in the /data directory or affe...

8.1CVSS6.3AI score0.00379EPSS
Exploits0References1Affected Software2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-3425

Malware in sbrugna...

5CVSS6.1AI score0.01562EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-18057

Malware in sbrugna...

5.3CVSS6.9AI score0.00433EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-0707

Malware in sbrugna...

4.3CVSS6.2AI score0.01792EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2008-0051

Malware in sbrugna...

1.9CVSS6.1AI score0.00334EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2869

Malware in sbrugna...

5.3CVSS5.7AI score0.01667EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-3605

Malware in sbrugna...

2.1CVSS6.2AI score0.00374EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2010-1823

Malware in sbrugna...

4.3CVSS6.1AI score0.01698EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.7 views

PT-2025-40992

Name of the Vulnerable Software and Affected Versions Time Machine affected versions not specified Description A path traversal issue exists in the Time Machine functionality because of inadequate input validation of two parameters. An authenticated user with limited privileges can potentially...

8.1CVSS6.2AI score0.00379EPSS
Exploits0References5
NOZOMI
NOZOMI
added 2025/10/07 12:0 a.m.6 views

Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0

Summary A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters. Impact An authenticated user with limited privileges, by issuing a specifically-crafted request, can potentially alter the structure and content of files in t...

8.1CVSS6.6AI score0.00379EPSS
Exploits0Affected Software2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-9523

Malicious code in bioql PyPI...

6.1CVSS7.1AI score0.00301EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/05/27 12:0 a.m.19 views

JavaSith: a Client-Side Framework for Analyzing Potentially Malicious Extensions in Browsers, VS Code, and NPM Packages

Modern software supply chains face an increasing threat from malicious code hidden in trusted components such as browser extensions, IDE extensions, and open-source packages. This paper introduces JavaSith, a novel client-side framework for analyzing potentially malicious extensions in web...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:50 a.m.10 views

CVE-2019-8667

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect...

5.3CVSS5.9AI score0.00433EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:13 a.m.5 views

CVE-2011-3462

Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803...

5CVSS5.9AI score0.01698EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/02 9:21 a.m.19 views

CVE-2025-3097 wp Time Machine <= 3.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and...

6.1CVSS0.00301EPSS
Exploits0References3
CVE
CVE
added 2025/04/02 9:21 a.m.67 views

CVE-2025-3097

CVE-2025-3097 affects the WordPress plugin wp Time Machine. It is vulnerable to Cross-Site Request Forgery due to missing nonce validation on wpTimeMachineCore.php in all versions up to 3.4.0. This allows unauthenticated attackers to update settings and inject malicious web scripts via forged req...

6.1CVSS6.7AI score0.00301EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/02 9:21 a.m.17 views

CVE-2025-3097 wp Time Machine <= 3.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and...

6.1CVSS6.7AI score0.00301EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/02 12:0 a.m.6 views

WordPress plugin wp Time Machine 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6.4AI score0.00301EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.9 views

PT-2025-14475 · WordPress · Time Machine

Name of the Vulnerable Software and Affected Versions: wp Time Machine plugin for WordPress versions up to, and including, 3.4.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This allows...

6.1CVSS9.4AI score0.00301EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/04/01 10:32 p.m.8 views

WordPress wp Time Machine plugin <= 3.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin wp Time Machine versions = 3.4.0...

6.1CVSS6.4AI score0.00301EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder