14 matches found

EUVD
added 6 days ago · 7 views

EUVD-2026-39713

Subscriber Arbitrary File Upload in Travel Booking = 2.2.5 versions...

CVSS 9.9 · AI score 5.8 · EPSS 0.00362
Exploits: 0 · References: 1

NVD
added 2026/02/16 7:17 a.m. · 8 views

CVE-2026-2538

A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack's complexity is rated as high. The...

CVSS 7.3 · EPSS 0.00157
Exploits: 0 · References: 4

ATTACKERKB
added 2026/02/06 5:19 p.m. · 5 views

CVE-2026-1769

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox CentreWare on Windows allows Stored XSS. This issue affects CentreWare: through 7.0.6. Consider upgrading Xerox® CentreWare Web® to v7.2.2.25 via the software available on Xerox.com...

CVSS 5.3 · AI score 5.4 · EPSS 0.00146
Exploits: 0 · References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. · 6 views

MiracleLinux 9 : kernel-5.14.0-70.30.1.el9_0 (AXSA:2023-5105:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5105:05 advisory. posix cpu timer use-after-free may lead to local privilege escalation (CVE-2022-2585). Unprivileged users may use PTRACE_SEIZE to set...

CVSS 7.8 · AI score 6.8 · EPSS 0.01284
Exploits: 4 · References: 3

NVD
added 2025/11/11 4:15 a.m. · 3 views

CVE-2025-11168

The Mementor Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.2.5. This is due to the plugin not properly handling the user switch back function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to eleva...

CVSS 8.8 · EPSS 0.00283
Exploits: 0 · References: 3

Tenable Nessus
added 2025/10/13 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array for stream_info->stream_ctx_array with...

CVSS 5.5 · AI score 6.1 · EPSS 0.00147
Exploits: 0 · References: 3

RedhatCVE
added 2025/05/22 10:32 p.m. · 5 views

CVE-2022-25196

Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in...

CVSS 5.4 · AI score 6.7 · EPSS 0.00712
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/07 12:0 a.m. · 7 views

PT-2025-1760 · WordPress · Wp Job Portal

Name of the Vulnerable Software and Affected Versions: WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress versions up to, and including, 2.2.5 Description: The issue is related to Insecure Direct Object Reference due to missing validation on a user...

CVSS 4.3 · AI score 6.8 · EPSS 0.00303
Exploits: 0 · References: 7

CNNVD
added 2024/02/23 12:0 a.m. · 3 views

Intel Ethernet Adapters and Intel Ethernet Controller I225 Manageability firmware security vulnerability

Intel Ethernet Adapters and Intel Ethernet Controllers are products of Intel Corporation, USA. Intel Ethernet Adapters are Ethernet adapters. Intel Ethernet Controllers are Ethernet controllers. A security...

CVSS 6 · AI score 6.3 · EPSS 0.00229
Exploits: 0 · References: 2

OSV
added 2023/11/07 4:15 p.m. · 4 views

CVE-2023-22719

Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP. This issue affects GiveWP: from n/a through 2.25.1...

CVSS 9.8 · AI score 5.8 · EPSS 0.00629
Exploits: 0 · References: 1

Positive Technologies
added 2022/12/08 12:0 a.m. · 3 views

PT-2022-36381 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.225 Description: The issue is related to the 9p/trans_fd functionality, where it does not always use O_NONBLOCK for read/write operations. The actual impact and potential for attack have not been proven yet...

AI score 7.2
Exploits: 0 · References: 1

PyPA
added 2021/12/08 12:15 a.m. · 5 views

PYSEC-2021-439

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths...

CVSS 7.5 · AI score 6.9 · EPSS 0.02295
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2021/12/07 12:0 a.m. · 7 views

PT-2021-24086 · Django +4 · Django +4

Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.25 Django versions 3.1 before 3.1.14 Django versions 3.2 before 3.2.10 Description: HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. This issue has low...

CVSS 9.8 · AI score 6.8 · EPSS 0.49246
Exploits: 4 · References: 551

OSV
added 2018/03/13 3:29 p.m. · 2 views

CVE-2018-1000092

CMS Made Simple version 2.2.5 contains a Cross Site Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. This attack appears to be exploitable via a specially crafted web page. This vulnerability...

CVSS 8.8 · AI score 5.7 · EPSS 0.00393
Exploits: 1 · References: 1