Lucene search
K

34 matches found

Patchstack
Patchstack
added 2026/06/29 2:59 p.m.6 views

WordPress Automotive Listings plugin <= 18.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Automotive Listings versions = 18.6...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/18 1:22 p.m.13 views

SUSE CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS6.1AI score0.00287EPSS
Exploits0References10
NVD
NVD
added 2026/04/24 6:16 p.m.8 views

CVE-2026-41680

Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a critical Denial of Service DoS vulnerability exists in marked. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline \x09\x0b\n—an unauthenticated attacker can trigger an infinite recursion loop during...

8.7CVSS0.00342EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

Ollama 代码问题漏洞

Ollama is an open-source tool developed by Ollama that allows for the running, management, and customization of large language models on local devices. Ollama versions 18.1 and earlier had a code vulnerability caused by server-side request forgery in the file server/download.go...

6.5CVSS6.6AI score0.00288EPSS
Exploits2References3
CVE
CVE
added 2026/03/11 4:5 p.m.17 views

CVE-2026-1090

GitLab CE/EE versions before 18.7.6 (specifically 10.6–18.7.x), 18.8 before 18.8.6, and 18.9 before 18.9.2 were affected by an issue where, with the markdown_placeholders feature flag enabled, an authenticated user could inject JavaScript in a browser due to improper sanitization of placeholder c...

8.7CVSS5.8AI score0.00231EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/25 8:4 p.m.20 views

CVE-2026-1725 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that could have under certain conditions, allowed an unauthenticated user to cause denial of service by sending specially crafted requests to a CI jobs API endpoint...

5.3CVSS0.0035EPSS
Exploits0References3
NVD
NVD
added 2026/02/11 12:16 p.m.4 views

CVE-2026-1456

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through CPU exhaustion by submitting specially crafted markdown files that trigger exponential processin...

7.5CVSS0.00364EPSS
Exploits0References3
OSV
OSV
added 2026/02/11 12:16 p.m.6 views

UBUNTU-CVE-2026-1456

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through CPU exhaustion by submitting specially crafted markdown files that trigger exponential processin...

7.5CVSS5.8AI score0.00364EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/11 11:34 a.m.25 views

CVE-2025-14592 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to perform unauthorized operations by submitting GraphQL mutations through the GLQL API...

3.7CVSS0.00254EPSS
Exploits0References3
OSV
OSV
added 2025/10/27 12:5 a.m.4 views

CVE-2025-11974 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

6.5CVSS6.5AI score0.00351EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.5 views

GitLab 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-11340)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens ...

7.7CVSS5.6AI score0.00349EPSS
Exploits0References4
NVD
NVD
added 2025/10/08 6:15 p.m.6 views

CVE-2025-61906

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, in some situations, Opencast's editor may publish a video without notifying the user. This may lead to users accidentally publishing media not meant for...

4.3CVSS0.00274EPSS
Exploits1References3
CVE
CVE
added 2025/10/08 6:6 p.m.14 views

CVE-2025-61906

Opencast versions prior to 17.8 and 18.2 have a flaw where the editor may publish a video without notifying the user, potentially exposing internal media. The vulnerability requires a user with write access to an event who uses the editor and first clicks Save & Publish, then Save. Impact is desc...

4.3CVSS6.4AI score0.00274EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.5 views

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices, Apple tvOS is a smart TV operating system, and Apple watchOS is a smart watch operating system. A security vulnerability exists in several Apple products, which stems from a shortcut that may bypass sandboxing restrictions. The...

8.8CVSS6.4AI score0.00277EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.3 views

GitLab CE和EE 代码问题漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A code issue vulnerability exists in GitLab CE and EE versions 16.11 through before...

8.8CVSS6.5AI score0.00645EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:55 a.m.4 views

A vulnerability was found in DPDK versions 18.11 and above

...

5.1CVSS7AI score0.00353EPSS
Exploits0
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.4 views

Microsoft Azure 安全漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A security vulnerability exists in Microsoft Azure File Sync. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are affected: Azure Fil...

7.8CVSS6.3AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/29 12:0 a.m.5 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to 18.4 and Apple iPadOS prior to 18.4, which stems from a memory...

8.8CVSS9.2AI score0.0127EPSS
Exploits2References7
OSV
OSV
added 2025/02/05 12:15 p.m.6 views

CVE-2024-49348

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/01/23 3:48 a.m.6 views

SUSE CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS6.7AI score0.01327EPSS
Exploits0References15
Rows per page
Query Builder