Lucene search
K

41 matches found

EUVD
EUVD
added 2026/06/26 2:53 p.m.5 views

EUVD-2026-39754

Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 8:47 a.m.9 views

CVE-2026-48877 WordPress GenerateBlocks plugin <= 2.1.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Tom GenerateBlocks allows Retrieve Embedded Sensitive Data. This issue affects GenerateBlocks: from n/a through 2.1.0...

6.5CVSS5.8AI score0.00298EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 7:43 p.m.10 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in multer-2.0.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in multer-2.0.2.tgz Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of...

8.7CVSS5.8AI score0.00663EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2026/04/01 10:13 p.m.5 views

Improper Verification of Cryptographic Signature

Overview @stablelib/ed25519 is an Ed25519 public-key signature EdDSA with Curve25519 Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the verify function. An attacker can generate a second distinct valid signature for the same message withou...

9.1CVSS5.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.2 views

CVE-2026-27406 WordPress My Tickets plugin <= 2.1.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my-tickets allows Retrieve Embedded Sensitive Data.This issue affects My Tickets: from n/a through = 2.1.0...

5.8AI score0.00384EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/27 3:44 p.m.19 views

CVE-2026-3304 Multer vulnerable to Denial of Service via incomplete cleanup

Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service DoS by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch...

8.7CVSS0.00663EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/27 3:42 p.m.6 views

CVE-2026-2359

Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service DoS by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to...

8.7CVSS5.9AI score0.00663EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/23 2:29 p.m.34 views

CVE-2026-24617 WordPress Easy Modal plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daniel Iser Easy Modal easy-modal allows Stored XSS.This issue affects Easy Modal: from n/a through = 2.1.0...

6.5CVSS0.00127EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.7 views

PT-2026-4389

Name of the Vulnerable Software and Affected Versions WP Term Order versions through 2.1.0 Description A Cross-Site Request Forgery CSRF issue exists in WP Term Order. This allows attackers to perform actions on behalf of authenticated users without their knowledge. Recommendations Update WP Term...

5.3AI score0.00133EPSS
Exploits0References3
NVD
NVD
added 2026/01/20 3:16 p.m.8 views

CVE-2025-1722

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...

7.5CVSS0.00334EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/20 3:1 p.m.6 views

CVE-2025-1719 Multiple Vulnerabilities in IBM Concert Software

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...

5.9CVSS5.8AI score0.00334EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/11 1:44 p.m.6 views

WordPress Easy Modal plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Doan Dinh Van in WordPress Plugin Easy Modal versions = 2.1.0...

6.5CVSS5.3AI score0.00127EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.7 views

CVE-2025-22509

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TMRW-studio Atlas atlas allows PHP Local File Inclusion.This issue affects Atlas: from n/a through = 2.1.0...

8.1CVSS5.9AI score0.00512EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.4 views

PT-2025-53582

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software potentially allows a remote attacker to access sensitive information stored in memory due to insufficient clearing of heap memory. Recommendations Update to a version later than...

7.5CVSS6.4AI score0.00286EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/10 2:22 p.m.4 views

CVE-2025-64257

Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Tickets: from n/a through = 2.1.0...

4.3CVSS7AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.4 views

PT-2025-38258

Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description Dragonfly, an open source P2P-based file distribution and image acceleration system, disables TLS certificate verification in its HTTP clients. These clients are not configurable, preventing users...

9.9CVSS9AI score0.02829EPSS
Exploits11References45
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.7 views

PT-2025-38273

Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description Dragonfly2 uses the MD5 hash function for downloaded files, which does not provide collision resistance. This allows attackers to replace files with malicious ones that have a colliding hash. An...

9.9CVSS9.1AI score0.02829EPSS
Exploits11References45
OSV
OSV
added 2025/05/28 9:31 a.m.4 views

GHSA-98V7-XXXV-HCRH Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's...

8.7CVSS7.4AI score0.00576EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.6 views

CVE-2023-6069

Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0...

9.9CVSS6.8AI score0.00836EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:52 a.m.9 views

CVE-2023-2228

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

6.8CVSS6.9AI score0.00378EPSS
Exploits1References1
Rows per page
Query Builder