Lucene search
K

34 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.5 views

CVE-2025-1351

IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function...

7CVSS6.4AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.18 views

CVE-2025-1313

The Nokri - Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the plugin not properly validating a user's identity prior to updating their details like email address. This makes it...

8.8CVSS6.9AI score0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-0944

Malware in sbrugna...

7.2CVSS6.4AI score0.00419EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11078

Malware in sbrugna...

4.3CVSS4.8AI score0.00889EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-5969

Malware in sbrugna...

4CVSS6.2AI score0.01118EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-14251

Malware in sbrugna...

6.5CVSS6.6AI score0.00924EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2007-0952

Malware in sbrugna...

2.1CVSS6AI score0.00394EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2003-0690

Malware in sbrugna...

7.5CVSS6.1AI score0.01961EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-59420

Malicious code in bioql PyPI...

7.5CVSS9AI score0.00456EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27382

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00153EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51297

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00272EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.3 views

PT-2025-30447 · Duracomm · Duracomm Dp-10In-100-Mu +1

Name of the Vulnerable Software and Affected Versions: DuraComm SPM-500 DP-10iN-100-MU DuraComm DP-10iN-100-MU Description: The software is susceptible to a cross-site scripting attack, potentially preventing legitimate users from accessing the web interface. Recommendations: At the moment, there...

8.1CVSS5.6AI score0.00337EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 8:19 a.m.5 views

CVE-2024-10970

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.43. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...

5.4CVSS7.3AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:13 a.m.19 views

CVE-2023-23469

IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504...

4CVSS5.8AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:52 a.m.8 views

CVE-2023-2190

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.10 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. It may be possible for users to view new commits to private projects in a fork created while the...

6.5CVSS6.3AI score0.00663EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:49 a.m.9 views

CVE-2023-2300

The Contact Form Builder by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including, 4.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with the editposts...

6.4CVSS5.8AI score0.0051EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:9 p.m.6 views

CVE-2022-35898

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. This allows any authenticated user to change the password of any other user, including the Administrator account...

9.8CVSS6.9AI score0.0064EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 a.m.7 views

CVE-2019-5602

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

9CVSS6.7AI score0.0409EPSS
Exploits0References1
OSV
OSV
added 2025/05/15 6:31 p.m.6 views

GHSA-H356-3MFW-X368 Mattermost Fails to Verify User's Permissions When Accessing Groups

Mattermost versions 10.5.x = 10.5.2, 9.11.x = 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...

4.3CVSS6.4AI score0.00257EPSS
Exploits0References3
OSV
OSV
added 2025/05/15 6:31 p.m.10 views

GHSA-FPFF-WJ6M-GRVR Mattermost Fails to Check User Access to `ExperimentalSettings`

Mattermost versions 10.5.x = 10.5.2, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

2.7CVSS6.7AI score0.00278EPSS
Exploits0References3
Rows per page
Query Builder