
17 matches found

RedhatCVE
added 2026/06/05 7:37 p.m. · 9 views

CVE-2026-3604

The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kcseoativetab parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 4.9 · AI score 5.7 · EPSS 0.00229
Exploits 0 · References 1

OSV
added 2026/04/01 9:13 a.m. · 9 views

CLEANSTART-2026-UJ06223 Security fixes for CVE-2025-25285, CVE-2026-21637, ghsa-23c5-xmqv-rm74, ghsa-34x7-hfp2-rc4v, ghsa-72xf-g2v4-qvf3, ghsa-7r86-cg39-jmmj, ghsa-83g3-92jg-28cx, ghsa-8gc5-j5rx-235r, ghsa-8qq5-rm4j-mr97, ghsa-9ppj-qmqm-q256, ghsa-fj3w-jwp8-x2g3, ghsa-fjxv-7rqg-78g4, ghsa-jp2q-39xq-3w4g, ghsa-mh29-5h37-fv8m, ghsa-pfrx-2q88-qq97, ghsa-qffp-2rhf-9h96, ghsa-r6q2-hw4h-h46w, ghsa-rc47-6667-2j5j, ghsa-rmvr-2pp2-xj38 applied in versions: 2.6.0-r1, 2.7.0-r0, 2.8.1-r0

Multiple security vulnerabilities affect the mongosh package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 7.5 · AI score 5.8 · EPSS 0.01056
Exploits 0 · References 22

RedhatCVE
added 2025/05/23 12:26 a.m. · 10 views

CVE-2022-47609

Cross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <= 2.8.1 versions...

CVSS 8.8 · AI score 7.1 · EPSS 0.00246
Exploits 0 · References 1

Patchstack
added 2025/01/13 8:12 p.m. · 7 views

WordPress W3 Total Cache plugin <= 2.8.1 Information Exposure via Log Files vulnerability

WordPress W3 Total Cache plugin <= 2.8.1 Information Exposure via Log Files vulnerability discovered by villu164 in WordPress Plugin W3 Total Cache versions <= 2.8.1...

CVSS 7.5 · AI score 7 · EPSS 0.02169
Exploits 0 · References 1 · Affected Software 1

OSV
added 2024/12/13 6:15 a.m. · 3 views

CVE-2024-11834

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes. This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVSS 8.9 · AI score 5.9 · EPSS 0.00488
Exploits 0 · References 1

Positive Technologies
added 2024/12/13 12:0 a.m. · 4 views

PT-2024-17281 · Plextrac · Plextrac

Name of the Vulnerable Software and Affected Versions: PlexTrac versions 1.61.3 through 2.8.1 Description: The issue is related to a Path Traversal vulnerability, which allows arbitrary file writes due to improper limitation of a pathname to a restricted directory. This enables unauthorized acces...

CVSS 9.1 · AI score 7 · EPSS 0.00488
Exploits 0 · References 8

Positive Technologies
added 2024/12/09 12:0 a.m. · 4 views

PT-2024-36096 · Unknown · Aio Contact

Name of the Vulnerable Software and Affected Versions: AIO Contact versions prior to 2.8.1 Description: The issue is related to a Missing Authorization vulnerability. Recommendations: For versions prior to 2.8.1, update to a version that contains a fix for this issue. At the moment, there is no...

CVSS 6.5 · AI score 6.8 · EPSS 0.00298
Exploits 0 · References 4

Patchstack
added 2024/12/02 3:37 p.m. · 7 views

WordPress AIO Contact plugin <= 2.8.1 - Unauthenticated Site-Wide Cross Site Scripting (XSS) vulnerability

Unauthenticated Site-Wide Cross Site Scripting (XSS) vulnerability discovered by Dave Jong (Patchstack) in WordPress Plugin AIO Contact versions <= 2.8.1...

CVSS 7.1 · AI score 6.1 · EPSS 0.00347
Exploits 0 · Affected Software 1

Patchstack
added 2024/04/19 2:12 a.m. · 5 views

WordPress ShopLentor plugin <= 2.8.1 - Improper Authorization via woolentor_template_store vulnerability

Improper Authorization via woolentor_template_store vulnerability discovered by Lucio Sá in WordPress Plugin ShopLentor versions <= 2.8.1...

CVSS 4.3 · AI score 7 · EPSS 0.0034
Exploits 0 · References 1 · Affected Software 1

vulnersOsv
added 2023/08/24 3:31 p.m. · 4 views

cn.aradin:aradin-spring-actuator-starter (>=1.0.1 <=1.0.3), cn.fscode.common:common-kafka-spring-boot-starter (=0.0.1) +423 more potentially affected by CVE-2023-34040 via org.springframework.kafka:spring-kafka (>=2.8.1 <=2.9.10)

org.springframework.kafka:spring-kafka MAVEN version =2.8.1, =1.0.1, =0.0.2, =2.7.7.5, =2.7.0.0, =1.1.0, =1.0.3, =1.0.3, =3.16.2, =0.0.1, =0.0.11 - com.argusoft:medplatlms =0.0.1 - com.argusoft:medplatsecurity =0.0.1 - com.brihaspathee.zeus:account-processor =0.0.1 and more Source cves:...

CVSS 7.8 · AI score 7.1 · EPSS 0.02162
Exploits 2

SUSE CVE
added 2023/02/15 3:26 a.m. · 4 views

SUSE CVE-2022-29196

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack...

CVSS 5.5 · AI score 5.5 · EPSS 0.00317
Exploits 1 · References 3

CNNVD
added 2022/11/28 12:0 a.m. · 2 views

Discourse Information Disclosure Vulnerability

Discourse is an open source community discussion platform. The platform includes features such as community, email and chat rooms. An information disclosure vulnerability exists in Discourse versions 2.8.1 and earlier, and 2.9.0.beta.13 and earlier. An attacker can exploit this vulnerability to...

CVSS 4.3 · AI score 6 · EPSS 0.00448
Exploits 0 · References 3

CNNVD
added 2022/01/12 12:0 a.m. · 4 views

Caldera Security Vulnerability

Caldera is a suite of software from Caldera France that provides color management, imaging and processing solutions for printer devices. Caldera suffers from an Access Control Error vulnerability in version 2.8.1 and earlier, which stems from the software's failure to properly segregate user...

CVSS 8.1 · AI score 5.6 · EPSS 0.0119
Exploits 2 · References 3

CNNVD
added 2021/08/17 12:0 a.m. · 16 views

Dolibarr Authorization Issue Vulnerability

Dolibarr is a software application. A modern software package to help manage your organization's activities. A security vulnerability exists in Dolibarr versions v2.8.1 through v13.0.2 that allows a low-privileged attacker to reset the password of any user in the affected application using the...

CVSS 8.8 · AI score 7.9 · EPSS 0.01058
Exploits 0 · References 2

CNNVD
added 2021/08/09 12:0 a.m. · 4 views

Dolibarr ERP/CRM Access Control Error Vulnerability

Dolibarr ERP/CRM is a Web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. An Access Control Error vulnerability exists in Dolibarr ERP/C...

CVSS 4.3 · AI score 5.2 · EPSS 0.00702
Exploits 0 · References 3

PyPA
added 2020/04/14 11:15 p.m. · 4 views

PYSEC-2020-152

In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XSS) vulnerability exists on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft a page revision history that, when...

CVSS 6.8 · AI score 5.8 · EPSS 0.01273
Exploits 1 · References 3 · Affected Software 1

Positive Technologies
added 2018/11/23 12:0 a.m. · 3 views

PT-2018-3065 · Freeware Advanced Audio Coder +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 (FAAD2) versions 2.8.1 and earlier Description: The issue is related to a heap-based buffer overflow in the excluded channels function of the Freeware Advanced Audio Decoder 2 (FAAD2) audio decoder. This can allo...

CVSS 7.8 · AI score 6.6 · EPSS 0.01518
Exploits 22 · References 113