Lucene search
+L

506 matches found

CVE
CVE
added 2025/06/20 12:0 a.m.28 views

CVE-2025-32877

CVE-2025-32877 affects COROS PACE 3 devices up to firmware 3.0808.0. The device identifies itself as having no input/output capabilities, leading to the use of the Just Works BLE pairing method with no authentication. This enables a machine-in-the-middle scenario and allows attackers to interact ...

9.8CVSS7.4AI score0.00623EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:13 a.m.7 views

CVE-2024-32428

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2...

5.9CVSS5.2AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.7 views

CVE-2023-39734

The leakage of the client secret in VISION MEAT WORKS TrackDiner10/10mc Line v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...

8.2CVSS6.8AI score0.0058EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.8 views

CVE-2023-39051

An information leak in VISION MEAT WORKS Track Diner 10/10mbl v13.6.1 allows attackers to obtain the channel access token and send crafted messages...

7.5CVSS6.5AI score0.0062EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.13 views

CVE-2023-1795

A vulnerability was found in SourceCodester Gadget Works Online Ordering System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/products/index.php of the component GET Parameter Handler. The manipulation of the argument view with the input lead...

6.1CVSS6.2AI score0.00549EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:32 a.m.6 views

CVE-2023-1433

A vulnerability was found in SourceCodester Gadget Works Online Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file admin/products/controller.php?action=add of the component Products Handler. The manipulation of the argument filename leads to...

7.2CVSS7.2AI score0.00869EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:31 a.m.6 views

CVE-2023-1358

A vulnerability, which was classified as critical, was found in SourceCodester Gadget Works Online Ordering System 1.0. This affects an unknown part of the file /philosophy/admin/login.php of the component POST Parameter Handler. The manipulation of the argument useremail leads to sql injection. ...

9.8CVSS7.9AI score0.00726EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:15 p.m.8 views

CVE-2022-37462

A stored Cross-Site Scripting XSS vulnerability in the Chat gadget in Upstream Works Agent Desktop for Cisco Finesse through 4.2.12 and 5.0 allows remote attackers to inject arbitrary web script or HTML via AttachmentId in the file-upload details...

5.4CVSS5.6AI score0.00601EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:12 p.m.17 views

CVE-2022-39230

fhir-works-on-aws-authz-smart is an implementation of the authorization interface from the FHIR Works interface. Versions 3.1.1 and 3.1.2 are subject to Exposure of Sensitive Information to an Unauthorized Actor. This issue allows a client of the API to retrieve more information than the client’s...

6.5CVSS6.5AI score0.00608EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:50 p.m.7 views

CVE-2021-34073

A Cross Site Scripting XSS vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php...

5.4CVSS6.1AI score0.00583EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:46 a.m.6 views

CVE-2011-5086

https50.ocx in IPWorks! SSL in the server in Unitronics UniOPC before 2.0.0 does not properly implement an unspecified function, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted web site...

6.8CVSS8.4AI score0.01677EPSS
Exploits0References1
OSV
OSV
added 2025/05/16 2:4 p.m.3 views

MAL-2025-3893 Malicious code in how-sezzle-works (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8357087de81359973557c6bb5ec8ded0959d60d77dc8a8da4807ae8f57f9222a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.7 views

ArtistAuditor: Auditing Artist Style Pirate in Text-To-Image Generation Models

Text-to-image models based on diffusion processes, such as DALL-E, Stable Diffusion, and Midjourney, are capable of transforming texts into detailed images and have widespread applications in art and design. As such, amateur users can easily imitate professional-level paintings by collecting an...

7AI score
Exploits0
Citrix
Citrix
added 2025/04/14 12:0 a.m.16 views

CVAD- 2308- Delete VM operation is showing access denied in the Web studio and same works in studio.

After the upgrade of the site from 2305 to 2308, the delegated users get a permissioned denied message when trying to delete a VM. Other operation from the web studio works fine. Same delete operation works fine in the desktop studio, but it shows access denied in the web studio. Under the CDF...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/03/21 6:26 p.m.14 views

My Writings Are in the LibGen AI Training Corpus

The Atlantic has a search tool that allows you to search for specific works in the "LibGen" database of copyrighted works that Meta used to train its AI models. The rest of the article is behind a paywall, but not the search tool. It’s impossible to know exactly which parts of LibGen Meta used to...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/13 9:20 a.m.9 views

CVE-2023-6942

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106...

7.5CVSS7.7AI score0.00949EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.9 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: The BR/EDR JUSTWORKS method has been aligned with LE. This alignment ensures that user confirmation is always requested since version 92516cd97fd4 „Bluetooth: Always request for user confirmation for Just...

5.5CVSS6.4AI score0.00261EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/12/19 3:49 a.m.3 views

SUSE CVE-2024-53144

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE This aligned BR/EDR JUSTWORKS method with LE which since 92516cd97fd4 "Bluetooth: Always request for user confirmation for Just Works" always request user confirmation wi...

5.5CVSS8AI score0.00261EPSS
Exploits0References21
NVD
NVD
added 2024/12/17 4:15 p.m.15 views

CVE-2024-53144

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE This aligned BR/EDR JUSTWORKS method with LE which since 92516cd97fd4 "Bluetooth: Always request for user confirmation for Just Works" always request user confirmation wi...

5.5CVSS0.00261EPSS
Exploits0References10
OSV
OSV
added 2024/12/17 4:15 p.m.5 views

UBUNTU-CVE-2024-53144

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE This aligned BR/EDR JUSTWORKS method with LE which since 92516cd97fd4 "Bluetooth: Always request for user confirmation for Just Works" always request user confirmation wi...

5.5CVSS6.5AI score0.00261EPSS
Exploits0References36
Rows per page
Query Builder