30 matches found
CVE-2026-20461
creationtimestamp| type| source ---|---|--- 2026-07-01 12:44:26+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mplkanecxd2l 2026-07-02 06:10:04+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpneoflxez2y 2026-07-07 16:45:03+00:00| seen|...
CVE-2026-5171
creationtimestamp| type| source ---|---|--- 2026-05-22 17:28:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhhhzhovv2p...
EUVD-2014-4416
Malware in sbrugna...
EUVD-2017-7164
Malware in sbrugna...
EUVD-2017-14520
Malware in sbrugna...
EUVD-2020-18276
Malware in sbrugna...
EUVD-2024-22637
Malicious code in bioql PyPI...
EUVD-2025-4098
Malicious code in bioql PyPI...
WordPress Event RSVP and Simple Event Management Plugin plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Event RSVP and Simple Event Management Plugin versions = 4.1.0...
GHSA-C46W-GR7F-JM2P Salt vulnerable to arbitrary event injection
Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...
CVE-2024-22873
Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery SSRF via the event subscription function /service/subscription.go. This vulnerability allows attackers to access internal requests via a crafted POST request...
CVE-2023-28607
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip...
CVE-2021-24146
Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example...
CVE-2020-15412
An issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form...
CVE-2025-3444
creationtimestamp| type| source ---|---|--- 2025-05-22 10:42:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17262 2025-05-22 12:42:23+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114551537185858831...
CVE-2025-37810
CVE-2025-37810 refers to a Linux kernel issue in the usb: dwc3 gadget path where the event count check did not validate that the count did not exceed the event buffer length. The problem could allow an out-of-bounds memcpy of an event if the count is larger than the buffer, leading to a crash (ke...
CVE-2025-37810 usb: dwc3: gadget: check that event count does not exceed event buffer length
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...
CVE-2025-47668
creationtimestamp| type| source ---|---|--- 2025-05-07 18:22:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15365 2025-05-07 18:26:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lolzkctwsj2p 2025-05-07 19:00:52+00:00| seen|...
PT-2025-17495 · Unknown · Event Post
Name of the Vulnerable Software and Affected Versions: Bastien Ho Event post versions n/a through 5.9.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS in the Event post. Recommendations:...
CVE-2025-2877
Summary: CVE-2025-2877 concerns Red Hat Ansible Automation Platform’s Event-Driven Ansible where, in configurations with verbosity set to debug, inventory passwords are exposed in plain text during rulebook activations and related Event Streams. Affected scope (from connected docs): Red Hat Ansib...