Lucene search
K

8 matches found

CVE
CVE
added 2026/06/01 4:37 p.m.28 views

CVE-2026-45154

Nextcloud Collectives vulnerability: from version 2.6.0 through before 4.3.0, if a collective page was deleted and the collective was shared view‑only, guests with access could directly retrieve the deleted pages from the trashbin. Root cause: improper access control. A fix is available in versio...

2.6CVSS5.7AI score0.00189EPSS
Exploits0References3
NVD
NVD
added 2026/05/07 12:16 p.m.51 views

CVE-2026-41643

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...

7.5CVSS0.00503EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.5 views

WordPress plugin Jobify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.1CVSS6AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.5 views

CVE-2024-24023

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/bookContent/list...

9.8CVSS9.6AI score0.00622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:43 a.m.4 views

CVE-2023-5201

The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...

9.9CVSS6.1AI score0.01429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.7 views

CVE-2019-19547

Symantec Endpoint Detection and Response SEDR, prior to 4.3.0, may be susceptible to a cross site scripting XSS issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially...

6.1CVSS5.2AI score0.01379EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2022/11/15 3:17 p.m.4 views

libtiff: heap buffer overflow in extractImageSection

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

7.1CVSS7.6AI score0.01542EPSS
Exploits1References4
CNVD
CNVD
added 2017/08/19 12:0 a.m.0 views

WordPress PressForward plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.PressForward plugin is one of the workflow editing plugin. A cross-site scripting vulnerability exists in the...

6.1CVSS5.8AI score0.00757EPSS
Exploits1References1
Rows per page
Query Builder