Lucene search
K

273 matches found

OSV
OSV
added 2025/06/08 12:15 p.m.6 views

CVE-2025-26691

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.3 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS version 5.0.0 suffers from a security vulnerability, no details of the vulnerability are provided at this time...

8.8CVSS6.8AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.3 views

WordPress plugin Car Repair Services 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in...

5.4CVSS5.8AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS version 5.0.0, which can be exploited by attackers to affect availability...

4CVSS6.6AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS version 5.0.0 suffers from a security vulnerability, no details of the vulnerability are provided at this time...

6.2CVSS6.8AI score0.00093EPSS
Exploits0References1
OSV
OSV
added 2025/05/26 2:15 p.m.2 views

DEBIAN-CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

2CVSS4.5AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:14 a.m.5 views

CVE-2017-1000240

The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting XSS vulnerabilities affecting version 5.0.0 and prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML...

5.4CVSS6AI score0.00736EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.5 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 version 5.0.0 and earlier, which stems from the presence of an unsafe direct object reference...

8.6CVSS6.5AI score0.00301EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.6 views

SAMSUNG Galaxy Watch3 Plugin 信任管理问题漏洞

The SAMSUNG Galaxy Watch3 Plugin is a component of a Galaxy Wearable application from Samsung South Korea. A security vulnerability exists in SAMSUNG Galaxy Watch3 Plugin version 5.0.9 that stems from not properly validating TLS certificates, which could lead to a man-in-the-middle attack...

5.9CVSS6.5AI score0.00251EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2025/05/07 3:16 p.m.5 views

CVE-2025-47649

Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion.This issue affects Open Close WooCommerce Store: from n/a through = 4.9.9...

8.8CVSS8.6AI score0.00422EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/05/07 12:0 a.m.5 views

Drupal Enterprise MFA - TFA for Drupal module < 4.7.0,5.0.0-5.1.0 - Unauthenticated Broken Access Control vulnerability

Drupal Enterprise MFA - TFA for Drupal module 4.7.0,5.0.0-5.1.0 - Unauthenticated Broken Access Control vulnerability discovered by Conrad Lara cmlara in WordPress Module Enterprise MFA - TFA for Drupal versions 4.7.0,5.0.0-5.1.0...

4.8CVSS7AI score0.00235EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.7 views

Demtec Graphytics 代码注入漏洞

Demtec Graphytics is an application from Demtec Corporation. A code injection vulnerability exists in Demtec Graphytics version 5.0.7 that stems from improper handling of the description parameter in the /visualization file, which could lead to a cross-site scripting attack...

5.1CVSS4.8AI score0.00285EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

WordPress plugin WP BASE Booking of Appointments, Services and Events 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in the WordPress plugi...

6.1CVSS8.7AI score0.00578EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/02/24 12:0 a.m.4 views

MITRE Caldera 安全漏洞

MITRE Caldera is a MITRE open source automated adversarial simulation platform. A security vulnerability exists in MITRE Caldera versions 4.2.0 and earlier and 5.0.0 and earlier, which stems from remote code execution in the Dynamic Proxy Compilation feature and allows an attacker to execute...

10CVSS8.9AI score0.23813EPSS
Exploits2References7
Patchstack
Patchstack
added 2025/02/12 7:54 a.m.5 views

WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin LTL Freight Quotes – Worldwide Express Edition versions = 5.0.20...

5.3CVSS7AI score0.00277EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/03 12:0 a.m.6 views

PT-2025-4622 · Hakan Ozevin · Wp Base Booking

Name of the Vulnerable Software and Affected Versions: Hakan Ozevin WP BASE Booking versions prior to 5.0.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can inject...

7.1CVSS9AI score0.00322EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/30 4:55 p.m.1 views

Malicious code in grabathon-5.0 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2025/01/20 12:0 a.m.6 views

IBM DevOps Velocity和IBM UrbanCode Velocity 加密问题漏洞

IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...

7.5CVSS6.1AI score0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/20 12:0 a.m.5 views

IBM DevOps Velocity和IBM UrbanCode Velocity 安全漏洞

IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...

4CVSS6AI score0.00206EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/07 1:1 p.m.5 views

WordPress WOOEXIM Plugin <= 5.0.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WOOEXIM versions = 5.0.0...

7.6CVSS8.1AI score0.00564EPSS
Exploits0Affected Software1
Rows per page
Query Builder