Lucene search
+L

407 matches found

EUVD
EUVD
added 2026/07/11 2:31 a.m.8 views

EUVD-2026-43126

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the gettypetemplate function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

7.5CVSS6.5AI score0.00565EPSS
Exploits0References7
NVD
NVD
added 2026/07/10 10:16 p.m.8 views

CVE-2026-58588

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 6:0 a.m.31 views

CVE-2026-12276 LA-Studio Element Kit for Elementor < 1.6.1 - Unauthenticated Open Registration

The LA-Studio Element Kit for Elementor WordPress plugin before 1.6.1 does not check whether user registration is enabled on the site before creating an account through one of its unauthenticated AJAX actions, allowing unauthenticated attackers to register new accounts even when registration has...

0.00182EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-57647

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS0.00259EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:53 p.m.10 views

CVE-2026-57647

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 2:53 p.m.17 views

CVE-2026-57647

CVE-2026-57647 concerns the WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin, affected in versions

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.10 views

EUVD-2026-39762

Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 9:16 a.m.13 views

CVE-2026-10745

Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging. This issue affects upKeeper Instant Privilege Access: through 1.6.1...

7.9CVSS0.00264EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:4 a.m.6 views

CVE-2026-10745

Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging. This issue affects upKeeper Instant Privilege Access: through 1.6.1...

7.9CVSS5.9AI score0.00264EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 8:4 a.m.19 views

CVE-2026-10745

CVE-2026-10745 affects upKeeper Solutions a.k.a. upKeeper Instant Privilege Access on Windows, vulnerable through version 1.6.1. Root cause: improper output neutralization in logs (log injection/tampering/forging). Reported impact per metrics indicates high risk for subsequent system confidential...

7.9CVSS5.9AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 8:4 a.m.38 views

CVE-2026-10745

Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging. This issue affects upKeeper Instant Privilege Access: through 1.6.1...

7.9CVSS0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 2:46 p.m.12 views

EUVD-2026-37802

Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK installpackages...

8.4CVSS5.8AI score0.00302EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 10:16 p.m.24 views

CVE-2026-12530

Improper neutralization of argument delimiters in the installpackages method in AWS Bedrock AgentCore Python SDK versions = 1.1.3 and 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate thi...

8.4CVSS0.00302EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 9:5 p.m.23 views

CVE-2026-12530 Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

Improper neutralization of argument delimiters in the installpackages method in AWS Bedrock AgentCore Python SDK versions = 1.1.3 and 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate thi...

8.4CVSS0.00302EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2026-37673

Unauthenticated PHP Object Injection in Zermatt = 1.6.1 versions...

8.1CVSS5.3AI score0.00395EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-39545

Unauthenticated PHP Object Injection in Zermatt = 1.6.1 versions...

8.1CVSS0.00395EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.10 views

CVE-2026-39545

The CVE-2026-39545 entry affects the WordPress Zermatt theme (versions &lt;= 1.6.1) and describes an unauthenticated PHP Object Injection vulnerability in Zermatt

8.1CVSS5.3AI score0.00395EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.22 views

PT-2026-50549

Name of the Vulnerable Software and Affected Versions AWS Bedrock AgentCore Python SDK versions 1.1.3 through 1.6.0 Description Improper neutralization of argument delimiters in the install packages method of the Code Interpreter client allows a remote authenticated user to execute arbitrary...

8.4CVSS6.3AI score0.00302EPSS
Exploits0References12
OSV
OSV
added 2026/06/08 2:53 p.m.16 views

CLEANSTART-2026-KK19266 Security fixes for CVE-2022-46146, CVE-2024-24786, CVE-2025-22871, CVE-2025-22873, CVE-2025-4673, CVE-2025-4674, CVE-2025-47906, CVE-2025-47907, CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61731, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-6v2p-p543-phr9, ghsa-cgrx-mc8f-2prm, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 1.11.0-r0, 1.5.0-r0, 1.6.1-r0, 1.8.0-r3

Multiple security vulnerabilities affect the prometheus-node-exporter package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7.2AI score0.01945EPSS
Exploits6References89
EUVD
EUVD
added 2026/05/25 2:15 p.m.15 views

EUVD-2018-21903

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS6.1AI score0.00284EPSS
Exploits0References4
Rows per page
Query Builder