9 matches found

RedhatCVE
added 2025/12/15 4:34 a.m. · 4 views

CVE-2025-13126

The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the postargs and topicargs parameters in all versions up to, and including, 2.4.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes ...

CVSS 7.5 · AI score 6.8 · EPSS 0.00322
Exploits: 0 · References: 1
OSV
added 2025/09/11 6:15 p.m. · 4 views

ALPINE-CVE-2025-58060

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

CVSS 8 · AI score 7 · EPSS 0.00964
Exploits: 1 · References: 1
Cvelist
added 2025/09/11 5:26 p.m. · 10 views

CVE-2025-58364 cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVSS 6.5 · EPSS 0.01063
Exploits: 1 · References: 2
Vulnrichment
added 2025/09/11 5:6 p.m. · 2 views

CVE-2025-58060 cups has Authentication bypass with AuthType Negotiate

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

CVSS 8 · AI score 6.7 · EPSS 0.00964
Exploits: 1 · References: 2
Patchstack
added 2024/04/19 2:11 a.m. · 5 views

WordPress Easy Custom Auto Excerpt plugin <= 2.4.12 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by Krzysztof Zając in WordPress Plugin Easy Custom Auto Excerpt versions <= 2.4.12...

CVSS 5.3 · AI score 7 · EPSS 0.00573
Exploits: 0 · References: 1 · Affected Software: 1
SUSE CVE
added 2023/02/15 5:50 a.m. · 5 views

SUSE CVE-2011-3372

imap/nntpd.c in the NNTP server nntpd for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command...

CVSS 7.5 · AI score 7.4 · EPSS 0.03364
Exploits: 0 · References: 3
OSV
added 2022/03/18 6:15 p.m. · 4 views

ALPINE-CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

CVSS 9.8 · AI score 7.1 · EPSS 0.03519
Exploits: 0 · References: 1
Positive Technologies
added 2021/07/15 12:0 a.m. · 5 views

PT-2021-3932 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet version 2.4.12 Description: The issue exists in the telnet form.php script functionality, allowing for cross-site scripting vulnerabilities. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code...

CVSS 9.6 · AI score 7.7 · EPSS 0.12293
Exploits: 1 · References: 5
CNVD
added 2019/02/28 12:0 a.m. · 5 views

Wireshark Null Pointer Dereference Vulnerability (CNVD-2019-18501)

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A null pointer dereference vulnerability exists in the TCAP parser in Wireshark versions...

CVSS 7.5 · AI score 8.1 · EPSS 0.03863
Exploits: 1 · References: 1