Lucene search
+L

320 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: clk: qcom: ipq8074: Fixed the PCI-E clock-related errors. Fixed kernel errors related to the PCI-E clock that are caused by a missing clock parent. pcie0rchngclksrc has numparents set to 2, but only one parent is actually set...

5.5CVSS6.4AI score0.00238EPSS
Exploits0References2
NVD
NVD
added 2026/02/19 7:17 a.m.9 views

CVE-2026-0556

The XO Event Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xoeventfield' shortcode in all versions up to, and including, 3.2.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00307EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/19 4:36 a.m.30 views

CVE-2026-0556 XO Event Calendar <= 3.2.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'xo_event_field' shortcode

The XO Event Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xoeventfield' shortcode in all versions up to, and including, 3.2.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00307EPSS
Exploits0References3
CVE
CVE
added 2026/02/19 4:36 a.m.42 views

CVE-2026-0556

CVE-2026-0556 concerns the XO Event Calendar WordPress plugin (versions

6.4CVSS5.7AI score0.00307EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/02/19 12:14 a.m.11 views

WordPress XO Event Calendar plugin <= 3.2.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'xo_event_field' shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'xoeventfield' shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin XO Event Calendar versions = 3.2.10...

6.4CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.10 views

PT-2026-20626

The XO Event Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xo event field' shortcode in all versions up to, and including, 3.2.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00307EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.4 views

CVE-2017-18541

The xo-security plugin before 1.5.3 for WordPress has XSS...

6.1CVSS6.9AI score0.00915EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/24 8:38 p.m.12 views

CVE-2025-52538

Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in loss of confidentiality or availability...

8CVSS0.00118EPSS
Exploits0References1
CVE
CVE
added 2025/11/24 7:45 p.m.15 views

CVE-2025-0005

AMD XOCL driver (OpenCL) within the AMD XRT framework is affected by CVE-2025-0005 due to improper input validation, enabling a local overflow that can crash the system or cause a denial of service. Root cause: input validation flaw in XOCL. Impact: local attacker could trigger crash/DoS with low...

7.3CVSS6.5AI score0.00112EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-175463

Malicious code in xo-sequelize-thermochronology-resonance npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in xo-morgan-css-loader-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df18935c38976d8952bf589369f1a0e87fbdb16e09e484594e5e302fd8d55ee6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-177406

Malicious code in orogeny-algol-kastra-xo npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-177273

Malicious code in pegasus-xo-charon-karma npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-175464

Malicious code in xo-quasarjet-publish-npm npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-178988

Malicious code in exec-zephyr-xo-izar npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178527

Malicious code in hexo-publish-hexo-xo npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-175473

Malicious code in xo-csrf-radiant-halley npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in mui-auth-betelgeuse-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0b2fd7a8c638947ae3bfc4c81fb4a2b89e7cee50538831189f80aab8974dcde This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-180074

Malicious code in biogeochemistry-multiverse-xo-regulus npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177265

Malicious code in perseus-astrobiology-xo-postgres npm...

6.6AI score
Exploits0
Rows per page
Query Builder