Lucene search
K

14 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-13489

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS0.00228EPSS
Exploits0References7
NVD
NVD
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46905

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime Security. Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

9.8CVSS0.00483EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 1:12 p.m.6 views

WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Doan Dinh Van in WordPress Plugin Review Schema versions = 2.2.6...

6.5CVSS5.8AI score0.0027EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.11 views

CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7AI score0.01371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 2:22 p.m.2 views

CVE-2025-67550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

6.5CVSS6AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 p.m.2 views

CVE-2025-67550 WordPress Donation Thermometer plugin <= 2.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rhewlif Donation Thermometer donation-thermometer allows Stored XSS.This issue affects Donation Thermometer: from n/a through = 2.2.6...

6.5CVSS5.6AI score0.00161EPSS
Exploits0References1
Circl
Circl
added 2025/08/14 10:0 a.m.3 views

CVE-2024-49879

creationtimestamp| type| source ---|---|--- 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

5.5CVSS7.3AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.4 views

PT-2024-40368 · Adobe · Magento Open Source +1

Name of the Vulnerable Software and Affected Versions: Magento Commerce and Open Source versions prior to 2.2.6 Magento Commerce and Open Source versions prior to 2.1.15 Description: The issue concerns security enhancements to address Cross-Site Scripting XSS and other vulnerabilities...

6.5AI score
Exploits0References4
OSV
OSV
added 2023/11/30 2:15 p.m.3 views

CVE-2023-47645

Cross-Site Request Forgery CSRF vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Cross Site Request Forgery.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User...

8.8CVSS7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.5 views

PT-2023-30650 · WordPress · Wpforo Forum

Name of the Vulnerable Software and Affected Versions: wpForo Forum versions through 2.2.6 Description: The issue is related to Cross-Site Request Forgery CSRF and Missing Authorization, allowing unauthorized access to functionality not properly constrained by Access Control Lists ACLs. This can...

8.8CVSS9AI score0.00267EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.4 views

WordPress plugin Otter 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code issue vulnerability exists in the WordPress...

8.8CVSS8.5AI score0.17973EPSS
Exploits2References2
Circl
Circl
added 2022/04/06 3:10 p.m.5 views

CVE-2022-26631

creationtimestamp| type| source ---|---|--- 2022-04-06 15:10:40+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1877 2022-04-18 18:23:22+00:00| seen| https://t.me/cibsecurity/41010...

9.8CVSS8.7AI score0.01118EPSS
Exploits0References2
OSV
OSV
added 2018/03/13 3:29 p.m.2 views

CVE-2018-1000092

CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery CSRF vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. This attack appear to be exploitable via A specially crafted web page. This vulnerability...

8.8CVSS5.7AI score0.00393EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2007/09/14 12:0 a.m.15 views

PT-2007-5645 · Apache +1 · Apache Http Server +1

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.2.6 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset when the charset on a server-generated page is...

10CVSS6.3AI score0.96436EPSS
Exploits89References125
Rows per page
Query Builder