Lucene search
K

6 matches found

NVD
NVD
added 3 days ago9 views

CVE-2026-59817

Ghost is a Node.js content management system. From 6.27.0 before 6.44.0, Ghost's public donation checkout flow allowed an unauthenticated attacker to control donation checkout metadata and obtain full paid gift memberships for a minimal payment without exposing customer or member data or stealing...

5.3CVSS0.00257EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.5 views

PT-2025-51560

WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to read or delete any file on the server using path traversal in the ilog script. This script is being run with root...

8.6CVSS7.2AI score0.0042EPSS
Exploits0References3
OSV
OSV
added 2025/10/17 6:3 a.m.4 views

CVE-2025-55087

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters...

6.3CVSS6.7AI score0.00415EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.7 views

Eclipse ThreadX NetX Duo 缓冲区错误漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A buffer error vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from a potential out-of-bounds read issue in the nxicmpv6validateoptions function when processing...

7.5CVSS6.9AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.8 views

Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from the processing of IPv4 packets with a timestamp option that can lead to out-of-bounds reads...

6.9CVSS6.6AI score0.00301EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/09/14 12:0 a.m.25 views

VulnCheck KEV: CVE-2018-17254

The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter...

9.8CVSS7.4AI score0.82976EPSS
In wildExploits5References2
Rows per page
Query Builder