Lucene search
K

14 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-53914

In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata...

9.8CVSS0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 10:16 p.m.9 views

CVE-2026-42547

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination wit...

5.4CVSS0.00174EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 9:8 p.m.10 views

EUVD-2026-34330

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination wit...

5.4CVSS5.8AI score0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 8:57 p.m.28 views

CVE-2026-42540 IRIS has a Mass Assignment issue

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in the database via manipulated API requests. Version 2.4.28 contains a patch...

4.3CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 8:57 p.m.8 views

EUVD-2026-34328

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in the database via manipulated API requests. Version 2.4.28 contains a patch...

4.3CVSS5.8AI score0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:31 p.m.8 views

EUVD-2026-34320

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

7.1CVSS5.9AI score0.00246EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/22 10:25 a.m.5 views

WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme EmallShop versions = 2.4.21...

5.3AI score0.00308EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/03/10 11:21 p.m.29 views

CVE-2026-2569 Dear Flipbook <= 2.4.20 - Authenticated (Auhtor+) Stored Cross-Site Scripting via PDF Page Labels

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00152EPSS
Exploits0References2
CVE
CVE
added 2026/03/10 11:21 p.m.14 views

CVE-2026-2569

The CVE-2026-2569 entry corresponds to the WordPress plugin Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer (3d-flipbook-dflip-lite) with a Stored Cross-Site Scripting flaw via PDF page labels in all versions up to 2.4.20. The issue is caused by insufficient input sanitization an...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.3 views

WordPress plugin FooGallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

5.1CVSS7.7AI score0.00384EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/20 1:17 a.m.4 views

WordPress Piotnet Addons For Elementor plugin <= 2.4.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Ankit Patel in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.26...

6.4CVSS5.8AI score0.00342EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/04/27 12:0 a.m.5 views

PT-2020-12481 · Percona · Percona Xtrabackup

Name of the Vulnerable Software and Affected Versions: Percona XtraBackup versions prior to 2.4.20 Description: The issue allows sensitive information to be unintentionally written to backup files and the PERCONA SCHEMA.xtrabackup history table when the --history option is used. This may include...

6.5CVSS6.2AI score0.00951EPSS
Exploits0References16
VulnCheck KEV
VulnCheck KEV
added 2017/06/20 12:0 a.m.5 views

VulnCheck KEV: CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...

7.2CVSS5.8AI score0.01584EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2014/02/24 5:57 p.m.20 views

openldap: segfault on certain queries with rwm overlay

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the session context while it is being used by...

4.3CVSS6.2AI score0.10913EPSS
Exploits1References4
Rows per page
Query Builder