Lucene search
K

10 matches found

vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.6 views

@agentscope-ai/chat (>=1.1.43 <=1.1.68-beta.1780902884191), @ant-design/charts (>=2.2.2 <=2.6.7) +72 more potentially affected by unknown CVE via @antv/g-svg (>=2.0.0 <=2.1.1)

@antv/g-svg NPM version =2.0.0, =1.1.43, =2.2.2, =2.0.0, =1.0.0, =1.1.0, =2.0.0, =2.0.0, =0.1.6, =0.1.0, =0.1.0, =1.2.0, =2.0.28, =0.0.18, =0.0.23 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGSVG-16754949...

5.7AI score
Exploits0
Patchstack
Patchstack
added 2025/05/07 3:6 p.m.6 views

WordPress Submission DOM tracking for Contact Form 7 plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Submission DOM tracking for Contact Form 7 versions = 2.1...

5.9CVSS8.3AI score0.00226EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.5 views

PT-2025-4559 · Unknown · Miloš Đekić Inline Tweets

Name of the Vulnerable Software and Affected Versions: Miloš Đekić Inline Tweets versions n/a through 2.0 Description: The issue is related to an improper neutralization of input during web page generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that an attack...

7.1CVSS6.6AI score0.00295EPSS
Exploits0References5
OSV
OSV
added 2024/08/20 4:15 a.m.4 views

CVE-2024-7780

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the id parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter and la...

7.2CVSS5.9AI score0.00506EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/04 12:0 a.m.4 views

PT-2024-26336 · Mongodb +1 · Mongodb +1

Name of the Vulnerable Software and Affected Versions: IBM Planning Analytics Local versions 2.0 through 2.1 Description: The issue concerns a lack of password authentication in MongoDB connections, allowing a remote attacker to gain unauthorized access to the database. This could potentially lea...

9.1CVSS8.8AI score0.0043EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2024/03/21 9:31 a.m.6 views

br.gov.frameworkdemoiselle:demoiselle (>=3.0.0-ALPHA1 <=3.0.0-ALPHA2), ch.sbb.releasetrain:business (>=0.0.3 <=0.0.16) +396 more potentially affected by CVE-2024-29131 via org.apache.commons:commons-configuration2 (>=2.0 <=2.10.0)

org.apache.commons:commons-configuration2 MAVEN version =2.0, =3.0.0-ALPHA1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.0.1, =2.1.0, =3.0.0, =2.0.0, =3.0.0, =2.0.0, =2.0.0, =4.0.0, =2.3, =2.9 and more Source cves: CVE-2024-29131 Source advisory: OSV:GHSA-XJP4-HW94-MVP5...

7.3CVSS6.7AI score0.02054EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:3 a.m.4 views

SUSE CVE-2016-4081

epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...

5.9CVSS5.9AI score0.02006EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/01/26 3:52 p.m.10 views

log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint...

10CVSS7.7AI score0.99999EPSS
Exploits351References9
Positive Technologies
Positive Technologies
added 2019/10/23 12:0 a.m.7 views

PT-2019-7464 · Sandhills Development · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD core component versions 1.8.x through 1.8.6 Easy Digital Downloads EDD core component versions 1.9.x through 1.9.9 Easy Digital Downloads EDD core component versions 2.0.x through 2.0.4 Easy Digital Downloads EDD co...

6.1CVSS6.1AI score0.00923EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2006/07/03 4:10 p.m.6 views

security flaw

Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x aka StarOffice up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents...

7.6CVSS5.7AI score0.03344EPSS
Exploits0References4
Rows per page
Query Builder