Lucene search
K

344 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Fedora 44 : pacemaker (2026-2c31df81dc)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2c31df81dc advisory. Wed Jun 17 2026 Klaus Wenninger - 3.0.2-3 - fix CVE-2026-10649: Fix integer overflows in remote message code Tenable has extracted the preceding description...

8.6CVSS5.8AI score0.0044EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 12:0 a.m.2 views

OPENSUSE-SU-2026:11111-1 pacemaker-3.0.2+20260616.4544f351-1.1 on GA media

These are all security issues fixed in the pacemaker-3.0.2+20260616.4544f351-1.1 package on the GA media of openSUSE Tumbleweed...

8.6CVSS5.9AI score0.0044EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.9 views

CVE-2025-49403

Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress = 3.0.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.11 views

CVE-2025-49403

CVE-2025-49403 affects Premium Age Verification / Restriction for WordPress (WordPress plugin) versions <= 3.0.2. Unauthenticated Arbitrary File Download is reported; Patchstack notes vulnerability in versions

7.5CVSS5.2AI score0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2025-49403 WordPress Premium Age Verification / Restriction for WordPress Plugin <= 3.0.2 - Arbitrary File Download Vulnerability

Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress = 3.0.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.8 views

EUVD-2026-36905

Subscriber SQL Injection in WCMultiShipping = 3.0.2 versions...

8.5CVSS5.7AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.27 views

CVE-2026-52700 WordPress WCMultiShipping plugin <= 3.0.2 - SQL Injection vulnerability

Subscriber SQL Injection in WCMultiShipping = 3.0.2 versions...

8.5CVSS0.00339EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.16 views

CVE-2026-52700

WordPress plugin WCMultiShipping (versions

8.5CVSS5.7AI score0.00339EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-40767 WordPress wpForo Forum plugin < 3.0.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in wpForo Forum 3.0.2 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/11 12:51 p.m.6 views

WordPress Decent Comments plugin < 3.0.2 - Unauthenticated Email Address Disclosure vulnerability

Unauthenticated Email Address Disclosure vulnerability discovered by Vaibhav Narkhede in WordPress Plugin Decent Comments versions 3.0.2...

5.8CVSS5.4AI score0.00271EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/09 2:16 p.m.18 views

CVE-2026-7486

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 before 3.0.2...

9.8CVSS0.00275EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 12:24 p.m.29 views

CVE-2026-7486 SQLi in Netcad's E-İmar

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 before 3.0.2...

9.8CVSS0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Netcad E-İmar SQL注入漏洞

Netcad E-İmar is a GIS-based urban planning information query platform developed by the Turkish company Netcad. Versions of Netcad E-İmar from 2.10.1.0 to 3.0.2 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of special elements within SQL commands, whic...

9.8CVSS5.7AI score0.00275EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42732

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.9 views

CVE-2026-42732 WordPress Ads by WPQuads plugin <= 3.0.2 - Broken Authentication vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation.This issue affects Ads by WPQuads: from n/a through = 3.0.2...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin Ads by WPQuads 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.7AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 1:30 a.m.9 views

CVE-2026-9520 blitz-js blitz Sign-in LoginForm.tsx cross site scripting

A weakness has been identified in blitz-js blitz up to 3.0.2 on GitHub. This impacts an unknown function of the file packages/generator/templates/app/src/app/auth/components/LoginForm.tsx of the component Sign-in. This manipulation of the argument Next causes cross site scripting. It is possible ...

5.3CVSS4.2AI score0.00336EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/05/24 12:10 p.m.8 views

WordPress Ads by WPQuads plugin <= 3.0.2 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Bas Albers in WordPress Plugin Ads by WPQuads versions = 3.0.2...

6.5CVSS5.8AI score0.00248EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/22 3:39 a.m.5 views

CVE-2026-7249

The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the splwupdateblockoptions and lwpcleanweathertransients functions in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00248EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/22 3:39 a.m.15 views

EUVD-2026-31404

The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the splwupdateblockoptions and lwpcleanweathertransients functions in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00248EPSS
Exploits0References6
Rows per page
Query Builder