Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/08 12:0 a.m.10 views

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for apache-commons-io (SUSE-SU-SUSE-RU-2025:1150-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2025:1150-1 advisory. apache-commons-io was updated from version 2.15.1 to 2.18.0: - Key changes across versions: Clean...

4.3CVSS6.9AI score0.01249EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 10:24 a.m.6 views

CVE-2024-12313

The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woocomparelist' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No know...

8.1CVSS7.3AI score0.00778EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/13 6:5 p.m.8 views

CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...

8.1CVSS8.2AI score0.00613EPSS
Exploits1References1
Veracode
Veracode
added 2021/02/03 4:10 a.m.19 views

OS Command Injection

mechanize is vulnerable to OS command injection. The Kernel.open method could be used to inject and execute arbitrary OS commands invoked through several class methods. Exploitation is possible when untrusted input is used as a local filename and is passed to the affected functions...

8.3CVSS3.6AI score0.03507EPSS
Exploits0References12Affected Software2
Rows per page
Query Builder