Lucene search
K

355 matches found

NVD
NVD
added 2025/11/12 11:15 a.m.17 views

CVE-2025-40143

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

0.00241EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 11:15 a.m.8 views

UBUNTU-CVE-2025-40143

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

4.6CVSS5.9AI score0.00241EPSS
Exploits0References10
CVE
CVE
added 2025/11/12 10:23 a.m.17 views

CVE-2025-40143

CVE-2025-40143 concerns the Linux kernel BPF verifier. Syzbot-generated input could trigger a verifier_bug() in maybe_exit_scc() when processing a state inside an SCC, under speculative execution paths. The root cause was an assumption that an existing bpf_scc_visit instance always accompanies a ...

6AI score0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 10:23 a.m.20 views

CVE-2025-40143 bpf: dont report verifier bug for missing bpf_scc_visit on speculative path

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

0.00241EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 10:23 a.m.6 views

CVE-2025-40143 bpf: dont report verifier bug for missing bpf_scc_visit on speculative path

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

6.3AI score0.00241EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/11/12 10:23 a.m.4 views

CVE-2025-40143

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

5.4AI score0.00241EPSS
Exploits0
CVE
CVE
added 2025/11/12 7:47 a.m.17 views

CVE-2025-12872

The CVE-2025-12872 entry describes aStored Cross‑Site Scripting vulnerability in aEnrich’s a+HRD and a+HCM (Red Hat/other linked advisories confirm these products). The vulnerability arises from stored XSS where an authenticated remote attacker can upload files containing malicious JavaScript cod...

5.4CVSS5.7AI score0.00196EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/05 5:8 a.m.7 views

CVE-2025-12452

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 4:27 a.m.16 views

CVE-2025-12452

The CVE-2025-12452 entry concerns the WordPress Visit Counter plugin (v1.0). It is affected by Cross-Site Request Forgery due to missing or incorrect nonce validation on widgets.php, enabling unauthenticated attackers to trigger settings updates and inject malicious scripts by persuading a site a...

6.1CVSS5.4AI score0.00113EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/04 4:27 a.m.4 views

CVE-2025-12452 Visit Counter 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS5.4AI score0.00113EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/04 4:27 a.m.10 views

CVE-2025-12452 Visit Counter 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS0.00113EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.6 views

WordPress plugin Visit Counter 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

6.1CVSS6.1AI score0.00113EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.6 views

PT-2025-44961

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/23 3:30 p.m.7 views

EUVD-2025-35691

Cross site request forgery CSRF vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit...

5.3CVSS6.3AI score0.00169EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/10/15 8:41 p.m.8 views

CVE-2025-54266

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

4.8CVSS5.6AI score0.00252EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 9:30 p.m.5 views

GHSA-PCRX-R49H-X2W5 Magento vulnerable to stored Cross-Site Scripting (XSS)

Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be...

4.8CVSS5.7AI score0.00252EPSS
Exploits0References3
OSV
OSV
added 2025/10/14 8:27 p.m.3 views

CVE-2025-54266 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

4.8CVSS5.9AI score0.00252EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/14 8:27 p.m.9 views

CVE-2025-54266 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

4.8CVSS0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-1808

Malware in sbrugna...

4.3CVSS6.1AI score0.01067EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4129

Malware in sbrugna...

5CVSS6.4AI score0.02195EPSS
Exploits0References5
Rows per page
Query Builder