Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.12 views

PT-2026-48669

Name of the Vulnerable Software and Affected Versions IBM Security QRadar EDR versions 3.12 through 3.12.24 Description User credentials are stored in plain text, which allows a local privileged user to read this sensitive information. Recommendations At the moment, there is no information about ...

4.4CVSS5.8AI score0.00094EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/01 4:11 p.m.28 views

CVE-2026-33978 Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping and then rendered with innerHTML inside the...

5.4CVSS0.00286EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-27907

Name of the Vulnerable Software and Affected Versions SimpLy Gallery versions n/a through 3.3.2 Description An improper validation of the specified quantity in input within the GalleryCreator SimpLy Gallery simply-gallery-block component allows access to functionality that is not properly...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/05 9:30 p.m.6 views

EUVD-2026-9840

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests...

5.9AI score0.00384EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/25 7:28 a.m.6 views

CVE-2025-13414 Chamber Dashboard Business Directory <= 3.3.11 - Missing Authorization to Unauthenticated Business Information Export

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data export due to a missing capability check on the cdashwatchforexport function in all versions up to, and including, 3.3.11. This makes it possible for unauthenticated attackers to export business...

5.3CVSS0.0024EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:17 a.m.8 views

CVE-2024-30521

Cross-Site Request Forgery CSRF vulnerability in Landingi Landingi Landing Pages.This issue affects Landingi Landing Pages: from n/a through 3.1.1...

5.4CVSS8.6AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2021/10/01 9:15 p.m.2 views

CVE-2021-36309

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks...

6.5CVSS6.6AI score0.00624EPSS
Exploits0References1
Rows per page
Query Builder