Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.18 views

PT-2026-51315

Name of the Vulnerable Software and Affected Versions libxml2 versions 2.9.11 through 2.11.0 Description A Use After Free issue exists in the xmlParseInternalSubset function of libxml2. This occurs due to improper entity resolution handling, which allows a remote attacker to cause a...

8.3CVSS5.8AI score0.00289EPSS
Exploits0References13
Patchstack
Patchstack
added 2025/12/19 11:6 p.m.11 views

WordPress Ultimate Member plugin <= 2.11.0 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Ultimate Member versions = 2.11.0...

5.3CVSS6.7AI score0.00437EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-0416

Malware in sbrugna...

6.1CVSS6.1AI score0.0515EPSS
Exploits0References11
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/11 6:9 p.m.3 views

Security Bulletin: IBM Fusion and IBM Fusion HCI are vulnerable to cross-site scripting due to DOMPurify (WS-2024-0017)

Summary The Fusion Web UI uses DOMPurify which is vulnerable to an attacker bypassing sanitizers and executing JavaScript code. WS-2024-0017 Vulnerability Details WSID: WS-2024-0017 DESCRIPTION: Insufficient checks in DOMPurify allows an attacker to bypass sanitizers and execute arbitrary...

6.8AI score
Exploits0Affected Software3
Positive Technologies
Positive Technologies
added 2024/02/15 12:0 a.m.2 views

PT-2024-18399 · Scrapy +3 · Scrapy +3

Name of the Vulnerable Software and Affected Versions: Scrapy versions 2.6.0 through 2.11.0 Scrapy versions prior to 1.8.4 Description: A Regular Expression Denial of Service ReDoS vulnerability exists in the XMLFeedSpider class of the Scrapy project, specifically in the parsing of XML content. B...

8.8CVSS6.9AI score0.01243EPSS
Exploits5References38
Gentoo Linux
Gentoo Linux
added 2024/01/12 12:0 a.m.51 views

FreeRDP: Multiple Vulnerabilities

Background FreeRDP is a free implementation of the remote desktop protocol. Description Multiple vulnerabilities have been discovered in FreeRDP. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

9.8CVSS7.8AI score0.01529EPSS
Exploits17
OSV
OSV
added 2019/06/06 3:29 p.m.18 views

GHSA-CJ6J-32RG-45R2 Cross-site Scripting in JSPWiki

A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking...

6.1CVSS5.9AI score0.04701EPSS
Exploits0References2
CNVD
CNVD
added 2018/01/04 12:0 a.m.4 views

Mautic Arbitrary File Download Vulnerability

Mautic is an open source marketing automation software. The software monitors and manages websites, sends emails and manages customer resources. A security vulnerability exists in Mautic versions 1.0.0 through 2.11.0. An attacker can exploit the vulnerability to download arbitrary files from the...

6.5CVSS7AI score0.01403EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/05/10 12:0 a.m.38 views

JVN#37878530: EC-CUBE vulnerable to cross-site request forgery

EC-CUBE provided by LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, information stored within EC-CUBE may be altered. Solution Update the Software Apply t...

5.8CVSS6AI score0.0061EPSS
Exploits0
Rows per page
Query Builder