
6889 matches found

CNNVD
added 2025/12/05 12:0 a.m., 2 views

WordPress plugin EPROLO Dropshipping security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...

CVSS: 4.3, AI score: 6.2, EPSS: 0.0019
Exploits: 0, References: 2
Positive Technologies
added 2025/12/05 12:0 a.m., 8 views

PT-2025-49201

The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wp_ajax_eprolo_delete_tracking and wp_ajax_eprolo_save_tracking_data AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for...

CVSS: 4.3, AI score: 5.1, EPSS: 0.0019
Exploits: 0, References: 3
vulnersOsv
added 2025/12/04 10:3 p.m., 5 views

openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65959 via open-webui (=0.6.0)

open-webui PyPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: openwebui-token-tracking =0.1.7. Source CVEs: CVE-2025-65959. Source advisory: SNYK:PYTHON-OPENWEBUI-14189879...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00193
Exploits: 1
vulnersOsv
added 2025/12/04 10:3 p.m., 3 views

openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65958 via open-webui (=0.6.0)

open-webui PyPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: openwebui-token-tracking =0.1.7. Source CVEs: CVE-2025-65958. Source advisory: OSV:GHSA-C6XV-RCVW-V685...

CVSS: 8.5, AI score: 5.4, EPSS: 0.03965
Exploits: 1
vulnersOsv
added 2025/12/04 10:3 p.m., 10 views

openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65958 via open-webui (=0.6.0)

open-webui PyPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: openwebui-token-tracking =0.1.7. Source CVEs: CVE-2025-65958. Source advisory: SNYK:PYTHON-OPENWEBUI-14190245...

CVSS: 8.5, AI score: 5.8, EPSS: 0.03965
Exploits: 1
vulnersOsv
added 2025/12/04 6:30 p.m., 5 views

openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-63681 via open-webui (=0.6.0)

open-webui PyPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: openwebui-token-tracking =0.1.7. Source CVEs: CVE-2025-63681. Source advisory: OSV:GHSA-FRV8-GFFC-37PX...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00259
Exploits: 1
vulnersOsv
added 2025/12/04 3:45 p.m., 3 views

openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-63681 via open-webui (=0.6.0)

open-webui PyPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: openwebui-token-tracking =0.1.7. Source CVEs: CVE-2025-63681. Source advisory: SNYK:PYTHON-OPENWEBUI-14190592...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00259
Exploits: 1
OSV
added 2025/12/04 9:5 a.m., 8 views

RLSA-2025:22405 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle get_client_locked failure in nfsd4_setclientid_confirm (CVE-2025-38724); kernel: wifi: cfg80211: fix use-after-free in cmp_bss (CVE-2025-39864); kernel: e1000e: fix heap overflow in...

CVSS: 7.6, AI score: 6.7, EPSS: 0.00194
Exploits: 0, References: 9
Tenable Nessus
added 2025/12/04 12:0 a.m., 5 views

Oracle Linux 10 : expat (ELSA-2025-21030)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21030 advisory: "Fix CVE-2025-59375 - backport allocation tracking improvements". Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS: 7.5, AI score: 6.3, EPSS: 0.01279
Exploits: 1, References: 2
Tenable Nessus
added 2025/12/04 12:0 a.m., 11 views

RockyLinux 9 : kernel (RLSA-2025:22405)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22405 advisory. kernel: nfsd: handle get_client_locked failure in nfsd4_setclientid_confirm (CVE-2025-38724); kernel: wifi: cfg80211: fix use-after-free in cmp_bss CVE-2025-398...

CVSS: 7.8, AI score: 6.9, EPSS: 0.00194
Exploits: 0, References: 16
Fedora
added 2025/12/03 12:59 a.m., 11 views

[SECURITY] Fedora 43 Update: forgejo-13.0.3-1.fc43

Forgejo (pronounced /forˈd͡ʒe.jo/) is a lightweight software forge. Use it to host git repositories, track their issues and allow people to contribute to them!...

AI score: 7
Exploits: 0
RedHat Linux
added 2025/12/01 11:6 a.m., 4 views

kernel: iommu/vt-d: Disallow dirty tracking if incoherent page walk

A flaw was found in the Intel VT-d IOMMU support in the Linux kernel. When an IOMMU is configured to perform dirty-page tracking, but the page-walk memory region is incoherent between the IOMMU and CPU, the hardware may attempt to atomically update the bits in a paging-structure entry that is not...

AI score: 5.8, EPSS: 0.00194
Exploits: 0, References: 5
Packet Storm News
added 2025/12/01 12:0 a.m., 3 views

Physical ID-Transfer Attacks against Multi-Object Tracking Via Adversarial Trajectory

Multi-Object Tracking (MOT) is a critical task in computer vision, with applications ranging from surveillance systems to autonomous driving. However, threats to MOT algorithms have yet to be widely studied. In particular, incorrect association between the tracked objects and their assigned IDs can...

AI score: 6.5
Exploits: 0
CNNVD
added 2025/11/30 12:0 a.m., 4 views

Tryton trytond security vulnerability

Tryton trytond is a core application server from Tryton Open Source. A security vulnerability exists in Tryton trytond versions prior to 7.6.11 that stems from the potential disclosure of sensitive tracking information...

CVSS: 4.3, AI score: 6.1, EPSS: 0.00251
Exploits: 1, References: 3
vulnersOsv
added 2025/11/27 12:30 p.m., 5 views

pretix-tracking-scripts (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-13742 via pretix (=2024.11.0)

pretix PyPI version =2024.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on pretix and may be impacted: pretix-tracking-scripts =1.0.0, =1.0.1. Source CVEs: CVE-2025-13742. Source advisory: OSV:GHSA-2MM6-624X-FQRR...

CVSS: 6.1, AI score: 5.4, EPSS: 0.00155
Exploits: 0
vulnersOsv
added 2025/11/27 11:15 a.m., 8 views

pretix-tracking-scripts (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-13742 via pretix (=2024.11.0)

pretix PyPI version =2024.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on pretix and may be impacted: pretix-tracking-scripts =1.0.0, =1.0.1. Source CVEs: CVE-2025-13742. Source advisory: OSV:PYSEC-2025-154...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00155
Exploits: 0
CNVD
added 2025/11/27 12:0 a.m., 3 views

Online Shopping Portal Insecure Direct Object Reference Vulnerability

Online Shopping Portal is an online store. Online Shopping Portal suffers from an insecure direct object reference vulnerability, which stems from the order tracking functionality not properly implementing an access control mechanism that directly references data sent from the client as an object...

CVSS: 4.3, AI score: 6.7, EPSS: 0.00214
Exploits: 1, References: 1
OSV
added 2025/11/25 8:16 p.m., 6 views

CVE-2025-65647

Insecure Direct Object Reference (IDOR) in the Track order function in PHPGURUKUL Online Shopping Portal 2.1 allows information disclosure via the oid parameter...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00214
Exploits: 1, References: 2
Wired Threat Level
added 2025/11/25 7:54 p.m., 7 views

ICE Offers Up to $280 Million to Immigrant-Tracking ‘Bounty Hunter’ Firms

Immigration and Customs Enforcement lifted a $180 million cap on a proposed immigrant-tracking program while guaranteeing multimillion-dollar payouts for private surveillance firms...

AI score: 7
Exploits: 0
RedhatCVE
added 2025/11/25 6:2 a.m., 11 views

CVE-2025-13585

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVSS: 9.8, AI score: 7.3, EPSS: 0.00339
Exploits: 1, References: 1