Lucene search
K

13369 matches found

Snyk
Snyk
added 2025/10/28 2:4 a.m.1 views

Malicious Package

Overview energy-portal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/28 1:39 a.m.1 views

Malicious Package

Overview vite-plugin-es6-compat is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS6.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/28 1:34 a.m.4 views

CVE-2025-62884

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coupon Affiliates: from n/a through = 7.2.0...

5.3CVSS5.9AI score0.00249EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/27 5:30 p.m.5 views

Improper Resource Shutdown or Release

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Improper Resource Shutdown or Release due to the delayed cleaning of multipart upload temporary files. An attacker can cause a...

6CVSS7.1AI score0.01139EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/27 10:9 a.m.7 views

CVE-2025-59459 Denial-of-service (DoS) via resource consumption

An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...

5.5CVSS0.00315EPSS
Exploits0References6
Snyk
Snyk
added 2025/10/27 7:25 a.m.6 views

Malicious Package

Overview jquery-ui-source is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/27 7:18 a.m.2 views

Malicious Package

Overview paysafe-client-proxy is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/27 6:44 a.m.1 views

Malicious Package

Overview graphclient is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/27 6:11 a.m.1 views

Malicious Package

Overview eslint-comments is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/27 6:11 a.m.2 views

Malicious Package

Overview unused-imports is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/27 6:11 a.m.3 views

Malicious Package

Overview op-cli-installer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/27 3:30 a.m.5 views

EUVD-2025-36053

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coupon Affiliates: from n/a through = 7.0.3...

5.3CVSS6.5AI score0.00249EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.4 views

CVE-2025-62884

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coupon Affiliates: from n/a through = 7.2.0...

5.3CVSS0.00249EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:33 a.m.7 views

CVE-2025-62884

CVE-2025-62884 affects the WordPress Coupon Affiliates plugin (woo-coupon-usage) with broken access control due to Missing Authorization, impacting versions up to 7.0.3 (some sources cite up to 7.2.0). The issue enables access to functionality not constrained by ACLs. Base metrics indicate CVSS v...

5.3CVSS5.9AI score0.00249EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/27 1:33 a.m.2 views

CVE-2025-62884 WordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coupon Affiliates: from n/a through = 7.2.0...

5.3CVSS5.2AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.4 views

PT-2025-43764

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coupon Affiliates: from n/a through = 7.0.3...

5.3CVSS7AI score0.00249EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/25 6:17 a.m.9 views

CVE-2025-9978

The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...

6.8CVSS6.2AI score0.00275EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/24 6:30 p.m.3 views

EUVD-2022-54526

In the Linux kernel, the following vulnerability has been resolved: cfi: Fix cfislowpathdiag RCU usage with cpuidle RCUNONIDLE usage during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path: WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcueqsenter+0xe4/0x138 ... Call...

5.5CVSS5.1AI score0.00237EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/10/24 12:38 p.m.2 views

Security update for haproxy

This update for haproxy fixes the following issues: CVE-2025-11230: Fixed mjson JSON decoder excessive resource consumption bsc1250983 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

6.9CVSS7.1AI score0.00469EPSS
Exploits0References4
Snyk
Snyk
added 2025/10/24 3:3 a.m.1 views

Malicious Package

Overview glowmotion is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder