Lucene search
K

637 matches found

Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.5 views

PT-2025-29240 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 21.2R3-S9 Juniper Networks Junos OS versions 21.4 before 21.4R3-S11 Juniper Networks Junos OS versions 22.2 before 22.2R3-S7 Juniper Networks Junos OS versions 22.4 before 22.4R3-S7 Juniper Networks...

6.9CVSS6.3AI score0.00318EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.7 views

PT-2025-28756 · Unknown · Config Pages Viewer

Name of the Vulnerable Software and Affected Versions: Config Pages Viewer versions 0.0.0 through 1.0.4 Description: The issue is related to missing authentication for critical functions in Config Pages Viewer, which can be exploited due to incorrectly configured access control security levels...

5.3CVSS6.7AI score0.00265EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.5 views

PT-2025-28206 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - FlaggedRevs Extension versions 1.43.X through 1.43.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-Site Scripting XSS. This allows for Cross-Site Scripting XS...

5.4CVSS5.7AI score0.0017EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.4 views

PT-2025-28219 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.3 Description: A critical issue was identified in WeGIA, a web manager for charitable institutions. The /html/funcionario/profile funcionario.php endpoint is vulnerable due to the id funcionario parameter not being...

9.8CVSS7AI score0.00488EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2025/07/07 12:0 a.m.5 views

Debian: Security Advisory (DSA-5959-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.03057EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.4 views

PT-2025-27937 · WordPress · Kossy - Minimalist Ecommerce Wordpress Theme

Name of the Vulnerable Software and Affected Versions: Kossy - Minimalist eCommerce WordPress Theme versions 1.45 and earlier Description: The issue affects the Kossy - Minimalist eCommerce WordPress Theme due to improper control of filename for include/require statement in PHP program, allowing...

8.1CVSS6.2AI score0.00397EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/07/04 12:0 a.m.6 views

Wireshark 3.6.x < 3.6.14, 4.0.x < 4.0.6 Multiple Vulnerabilities (Jul 2025) - Mac OS X

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

6.5CVSS6.8AI score0.02256EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/07/03 12:0 a.m.5 views

AlmaLinux 9 : nodejs:20 (ALSA-2025:7426)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7426 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the AlmaLinux security...

8.3CVSS7.3AI score0.00577EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/07/03 12:0 a.m.2 views

Debian: Security Advisory (DSA-5956-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.0233EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.3 views

Fedora 42 : chromium (2025-b434717c22)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b434717c22 advisory. Update to 137.0.7151.119 CVE-2025-6191: Integer overflow in V8 CVE-2025-6192: Use after free in Profiler Tenable has extracted the preceding...

8.8CVSS8.3AI score0.09224EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/06/30 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-1686)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.01569EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/06/30 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for augeas (EulerOS-SA-2025-1699)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8CVSS7.5AI score0.00241EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/06/30 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for augeas (EulerOS-SA-2025-1684)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8CVSS3.8AI score0.00241EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.5 views

PT-2025-27188 · WordPress · Category Slider For Woocommerce

Name of the Vulnerable Software and Affected Versions: WPB Category Slider for WooCommerce versions 1.71 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...

7.5CVSS7.3AI score0.00449EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.6 views

PT-2025-27140 · Unknown · Directiq Email Marketing

Name of the Vulnerable Software and Affected Versions: DirectIQ Email Marketing versions n/a through 2.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.3CVSS8AI score0.00275EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.6 views

PT-2025-27192 · Unknown · Quick Favicon

Name of the Vulnerable Software and Affected Versions: Quick Favicon versions through 0.22.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This enables an attacker to inject malicious...

5.9CVSS5.7AI score0.00212EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.8 views

PT-2025-27133 · Ancorathemes · Ancorathemes Citygov

Name of the Vulnerable Software and Affected Versions: AncoraThemes CityGov versions 1.9 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP programs, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

8.1CVSS7AI score0.00397EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.6 views

PT-2025-27103 · Sneeit · Sneeit Magone

Name of the Vulnerable Software and Affected Versions: Sneeit MagOne versions through 8.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can inject...

7.1CVSS6.2AI score0.00222EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.5 views

PT-2025-27207 · Zealousweb · Zealousweb Accept Stripe Payments Using Contact Form 7

Name of the Vulnerable Software and Affected Versions: ZealousWeb Accept Stripe Payments Using Contact Form 7 versions 3.0 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For ZealousW...

5.3CVSS6.7AI score0.00237EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.6 views

PT-2025-27096 · Unknown · Thembay Puca

Name of the Vulnerable Software and Affected Versions: thembay Puca versions n/a through 2.6.33 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This...

8.1CVSS7.5AI score0.00489EPSS
Exploits0References3
Rows per page
Query Builder