Lucene search

12638 matches found

RedhatCVE
added 2025/08/16 9:26 a.m. · 10 views

CVE-2025-5998

The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 lets site owners put site content behind password authorization; however, users with subscriber or greater roles can view content via the REST API...

CVSS 6.5 · AI score 7.1 · EPSS 0.0029
Exploits: 1 · References: 1

RedhatCVE
added 2025/08/15 2:20 p.m. · 9 views

CVE-2025-55163

A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

CVSS 8.2 · AI score 5.9 · EPSS 0.00979
Exploits: 1 · References: 5

RedhatCVE
added 2025/08/15 2:20 p.m. · 10 views

CVE-2025-54074

Cherry Studio is a desktop client that supports multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can set up a malicious MCP server with compatible OAuth...

CVSS 7.7 · AI score 8.1 · EPSS 0.02144
Exploits: 1 · References: 1

NVD
added 2025/08/15 8:15 a.m. · 9 views

CVE-2025-9021

A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely...

CVSS 9.8 · EPSS 0.00463
Exploits: 0 · References: 4

CVE
added 2025/08/15 8:2 a.m. · 21 views

CVE-2025-9021

SourceCodester Online Bank Management System up to version 1.0 contains a SQL injection in /bank/transfer.php caused by manipulation of the email parameter. The vulnerability is reported as remotely exploitable, with attack complexity low and no privileges required; CVSS data indicates a high-imp...

CVSS 9.8 · AI score 7.7 · EPSS 0.00463
Exploits: 0 · References: 4 · Affected Software: 1

Vulnrichment
added 2025/08/15 8:2 a.m. · 4 views

CVE-2025-9021 SourceCodester Online Bank Management System transfer.php sql injection

A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely...

CVSS 7.5 · AI score 7.5 · EPSS 0.00463
Exploits: 0 · References: 4

Cvelist
added 2025/08/15 8:2 a.m. · 14 views

CVE-2025-9021 SourceCodester Online Bank Management System transfer.php sql injection

A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely...

CVSS 7.5 · EPSS 0.00463
Exploits: 0 · References: 4

Positive Technologies
added 2025/08/15 12:0 a.m. · 8 views

PT-2025-33455 · Sourcecodester · Sourcecodester Online Dj Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Bank Management System version 1.0 Description: A vulnerability exists in SourceCodester Online Bank Management System up to version 1.0. The issue affects unknown code within the /bank/transfer.php file. Manipulation of...

CVSS 9.8 · AI score 8 · EPSS 0.00463
Exploits: 0 · References: 9

Tenable Nessus
added 2025/08/15 12:0 a.m. · 5 views

FreeBSD : nginx -- worker process memory disclosure (eb03714d-79f0-11f0-b4c1-ac5afc632ba3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the eb03714d-79f0-11f0-b4c1-ac5afc632ba3 advisory. F5 reports: NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might...

CVSS 6.3 · AI score 5.8 · EPSS 0.00371
Exploits: 0 · References: 3

Tenable Nessus
added 2025/08/15 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-47304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_init_transfer to not reset icsk_ca_initialized This commit fixes a bug found by...

CVSS 5.5 · AI score 6 · EPSS 0.00235
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/15 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-9807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content...

CVSS 4.3 · AI score 7.2 · EPSS 0.00791
Exploits: 1 · References: 2

Tenable Nessus
added 2025/08/15 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47475

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffers but up until recently had no sanity checks on the sizes. Comm...

CVSS 7.8 · AI score 6.3 · EPSS 0.00259
Exploits: 0 · References: 2

CNNVD
added 2025/08/15 12:0 a.m. · 4 views

SourceCodester Online Bank Management System injection vulnerability

SourceCodester Online Bank Management System is an open source online bank management system from SourceCodester. SourceCodester Online Bank Management System 1.0 and earlier versions contain an injection vulnerability; the vulnerability stems from the file /bank/transfer.php parameter email mishandling lea...

CVSS 9.8 · AI score 7.7 · EPSS 0.00463
Exploits: 0 · References: 6

OSSF Malicious Packages
added 2025/08/14 6:52 p.m. · 3 views

Malicious code in ftp-adaptor (npm)

The package ftp-adaptor was found to contain malicious code...

AI score 7
Exploits: 0

NVD
added 2025/08/14 5:15 p.m. · 8 views

CVE-2025-20306

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...

CVSS 4.9 · EPSS 0.00344
Exploits: 0 · References: 1

Cvelist
added 2025/08/14 4:30 p.m. · 8 views

CVE-2025-20268 Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability

A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region. This vulnerability exists becaus...

CVSS 5.8 · EPSS 0.00449
Exploits: 0 · References: 1

Vulnrichment
added 2025/08/14 4:29 p.m. · 2 views

CVE-2025-20263 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability

A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. This vulnerability is due to...

CVSS 8.6 · AI score 7.8 · EPSS 0.00603
Exploits: 0 · References: 1

CVE
added 2025/08/14 4:29 p.m. · 21 views

CVE-2025-20251

CVE-2025-20251 affects Cisco Secure Firewall ASA/FTD VPN Web Server: authenticated remote attacker can use crafted HTTP requests to create or delete arbitrary files on the OS due to insufficient input validation, potentially dropping VPN sessions and causing DoS; device reboot may be required. Ex...

CVSS 8.5 · AI score 7.4 · EPSS 0.00407
Exploits: 0 · References: 1

Vulnrichment
added 2025/08/14 8:48 a.m. · 5 views

CVE-2025-5998 PPWP < 1.9.11 - Subscriber+ Access Bypass via REST API

The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 lets site owners put site content behind password authorization; however, users with subscriber or greater roles can view content via the REST API...

AI score 7 · EPSS 0.0029
Exploits: 1 · References: 1

Tenable Nessus
added 2025/08/14 12:0 a.m. · 5 views

FreeBSD : www/varnish7 -- Denial of Service in HTTP/2 (e2d49973-785a-11f0-a1c0-0050569f0b83)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e2d49973-785a-11f0-a1c0-0050569f0b83 advisory. Varnish Development Team reports: A denial of service attack can be performed on Varnish Cache servers...

CVSS 7.5 · AI score 6.2 · EPSS 0.04604
Exploits: 3 · References: 3