Lucene search
K

2773 matches found

Vulnrichment
Vulnrichment
added 2025/08/05 9:2 a.m.3 views

CVE-2025-8554 atjiu pybbs list cross site scripting

A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This issue affects some unknown processing of the file /admin/user/list. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. The exploit has...

4.8CVSS6.5AI score0.00235EPSS
Exploits1References7
CVE
CVE
added 2025/08/05 6:2 a.m.24 views

CVE-2025-8548

Affects atjiu pybbs up to 6.0.0 in the Registered Email Handler: the sendEmailCode function (SettingsApiController.java) exposes information via error messages when the email argument is manipulated. The issue can be remotely triggered with high attack complexity; exploitation is publicly disclos...

6.3CVSS4.2AI score0.00434EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/v3d: Avoid NULL pointer dereference in v3djobupdatestats The following kernel Oops was recently reported by Mesa CI: 800.139824 Unable to handle kernel NULL...

5.5CVSS6.5AI score0.00145EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix a buffer overflow in otx2setrxfhcontext This function is called from...

7.8CVSS6AI score0.00234EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: check stream id dml21 wrapper to get planeid Why & How Fix a false positive warning which occurs due to lack of correct checks when querying...

7.8CVSS6.6AI score0.00142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.6 views

PT-2025-31910 · Unknown · Atjiu Pybbs

Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A critical issue exists in atjiu pybbs up to version 6.0.0 related to weak password requirements in the update function of the file...

6.3CVSS4.4AI score0.00398EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-52524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated loc...

7.8CVSS6.2AI score0.00183EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-38045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset...

5.5CVSS6.7AI score0.00157EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2025-22057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b net: do not delay dstentriesadd in dstrelease moved decrementing the dst count from...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-49980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a...

7.8CVSS6.3AI score0.00203EPSS
Exploits0References4
CVE
CVE
added 2025/08/04 11:32 p.m.63 views

CVE-2025-8534

CVE-2025-8534 affects libtiff 4.6.0, specifically PS_Lvl2page in tools/tiff2ps.c (tiff2ps). The vulnerability yields a null pointer dereference and can be triggered locally; attack complexity is high, but exploitation has been disclosed. A patch exists (6ba36f159fd396ad11bf6b7874554197736ecc8b) a...

2.5CVSS3.8AI score0.00174EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/04 5:32 p.m.5 views

CVE-2025-8519 givanz Vvveb Drag-and-Drop Editor editor information disclosure

A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This affects an unknown part of the file /vadmin123/index.php?module=editor/editor of the component Drag-and-Drop Editor. The manipulation of the argument url leads to information disclosure. It is possible to...

5.1CVSS6.8AI score0.00383EPSS
Exploits1References6
OSV
OSV
added 2025/08/04 3:12 p.m.4 views

GHSA-VF2R-CXG9-P7RF The ADOdb sqlite3 driver allows SQL injection

Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns, metaForeignKeys or metaIndexes methods with a crafted table name. Note that the indicated Severity corresponds to a...

10CVSS7.2AI score0.00463EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-19043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak in the i40esetupmacvlans function in drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel through 5.3.11 allows attackers to cause a...

5.5CVSS6.5AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-27390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: remove one synchronizenet barrier in ipv6mcdown As discussed in the past commit...

5.5CVSS5.9AI score0.00223EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-5991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a Use After Free vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module. This only affects HTTP/2 handling, HTTP handling is not affected ...

2.1CVSS5.8AI score0.00119EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/01 5:38 p.m.4 views

CVE-2025-5999 Vault Root Namespace Operator May Elevate Token Privileges

A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22...

7.2CVSS6.8AI score0.00459EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/31 8:13 p.m.3 views

CVE-2025-48071 OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

8.4CVSS7AI score0.00299EPSS
Exploits1References3
OSV
OSV
added 2025/07/30 8:1 p.m.5 views

CVE-2025-54584 GitProxy is vulnerable to a packfile parsing exploit

GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...

7CVSS6.6AI score0.0047EPSS
Exploits1References6
Patchstack
Patchstack
added 2025/07/30 3:1 p.m.8 views

WordPress JetEngine Plugin plugin <= 3.7.1.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetEngine versions = 3.7.1.2...

6.5CVSS6AI score0.00202EPSS
Exploits0Affected Software1
Rows per page
Query Builder