Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/04/09 7:23 p.m.5 views

CVE-2026-39648

Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...

5.3CVSS5.9AI score0.0019EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.7 views

CVE-2026-39565

Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpTravelly: from n/a through = 2.1.7...

5.9AI score0.00165EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 6:43 a.m.3 views

CVE-2026-5167 Masteriyo LMS <= 2.1.7 - Unauthenticated Authorization Bypass to Arbitrary Order Completion via Stripe Webhook Endpoint

The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in versions up to and including 2.1.7. This is due to insufficient webhook signature verification in the handlewebhook function. The...

5.3CVSS6AI score0.00375EPSS
Exploits0References6
OSV
OSV
added 2026/03/10 6:18 p.m.4 views

CVE-2026-25605

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The affected application performs file deletion without properly validating the file path or target. An attacker could delete files or sockets that the affected process has permission to remove, potentially resulting in...

7.1CVSS5.7AI score0.00123EPSS
Exploits0References1
OSV
OSV
added 2026/03/10 6:18 p.m.6 views

CVE-2026-25569

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. An out-of-bounds write vulnerability exists in SICAM SIAPP SDK. This could allow an attacker to write data beyond the intended buffer, potentially leading to denial of service, or arbitrary code execution...

7.8CVSS6.3AI score0.00143EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : php:7.4 (AXSA:2022-3573:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3573:01 advisory. php: Local privilege escalation via PHP-FPM CVE-2021-21703 php: SSRF bypass in FILTERVALIDATEURL CVE-2021-21705 Tenable has extracted the preceding...

7.8CVSS5.6AI score0.01945EPSS
Exploits2References3
Patchstack
Patchstack
added 2025/08/14 12:0 a.m.8 views

WordPress Blocksy Theme <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-55713 Patch priority Low CVSS severity Low 5.9 Developer Creative Themes PSID 05f50ffb9258 Credits savphill Required privilege Shop manager...

5.9CVSS6.9AI score0.0017EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.5 views

PT-2025-14429 · Unknown · Ai Auto Tool Content Writing Assistant

Name of the Vulnerable Software and Affected Versions: Ai Auto Tool Content Writing Assistant Gemini Writer, ChatGPT All in One versions n/a through 2.1.7 Description: The issue is related to an SQL Injection vulnerability, specifically an Improper Neutralization of Special Elements used in an SQ...

8.5CVSS9.2AI score0.00424EPSS
Exploits0References6
Circl
Circl
added 2025/02/27 4:30 a.m.5 views

CVE-2025-21730

creationtimestamp| type| source ---|---|--- 2025-02-27 04:30:09+00:00| seen| https://t.me/cvedetector/18976 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

5.5CVSS6.5AI score0.00168EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/06 6:36 p.m.4 views

WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Contact Form Builder, Contact Widget versions = 2.1.7...

5.3CVSS6.9AI score0.00372EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/11 7:13 p.m.13 views

CVE-2023-21769 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

...

7.5CVSS7.6AI score0.91524EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/24 12:0 a.m.5 views

URule 代码问题漏洞

URule is a pure Java rules engine by Gao Jie youseries individual developers. URule v2.1.7 version has a security vulnerability, the vulnerability stems from the existence of XML external entity XXE vulnerability, an attacker can be exploited to exploit the vulnerability by the carefully crafted...

9.8CVSS8.8AI score0.01192EPSS
Exploits1References3
CNVD
CNVD
added 2019/08/29 12:0 a.m.3 views

CloudBees Jenkins Stored Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

4.8CVSS8.1AI score0.01371EPSS
Exploits0References1
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.31 views

CVE-2026-21747

...

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.13 views

CVE-2026-21744

CVE-2026-21744 entry is rejected/not used and does not represent an active vulnerability.

Exploits0
Rows per page
Query Builder