Lucene search

8 matches found

EUVD
added 2025/12/12 6:32 a.m., 4 views

EUVD-2025-203058

The WPNakama plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 0.6.3 due to insufficient escaping of the user-supplied parameter and lack of sufficient preparation of the existing SQL query. This makes it possible for...

CVSS 7.5, AI score 6.3, EPSS 0.00336
Exploits: 0, References: 8
CNNVD
added 2025/12/12 12:0 a.m., 3 views

WordPress plugin WPNakama SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A SQL...

CVSS 7.5, AI score 7.5, EPSS 0.00336
Exploits: 0, References: 7
Vulnrichment
added 2025/11/25 7:59 p.m., 5 views

CVE-2025-66017 CGGMP21 presignatures can be used in the way that significantly reduces security

CGGMP24 is a state-of-the-art ECDSA TSS protocol that supports 1-round signing (requires 3 preprocessing rounds), identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in a way that significantly reduces...

CVSS 8.2, AI score 6.4, EPSS 0.00181
Exploits: 0, References: 2
Cvelist
added 2025/05/20 12:51 p.m., 21 views

CVE-2025-40635 SQL injection at Comerzzia

SQL injection vulnerability in Comerzzia Backoffice: Sales Orchestrator 3.0.15. This vulnerability allows an attacker to retrieve, create, update and delete databases via the ‘uidActivity’, ‘codCompany’ and ‘uidInstance’ parameters of the ‘/comerzzia/login’ endpoint...

CVSS 9.3, EPSS 0.0029
Exploits: 0, References: 1
ATTACKERKB
added 2022/09/09 3:15 p.m., 4 views

CVE-2022-36872

Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent...

CVSS 6.5, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 3
Circl
added 2022/02/21 5:11 p.m., 6 views

CVE-2022-0633

creationtimestamp | type | source
---|---|---
2022-02-21 17:11:04+00:00 | seen | https://t.me/truesecator/2655...

CVSS 6.5, AI score 6.5, EPSS 0.01979
Exploits: 3, References: 1
CNVD
added 2017/08/02 12:0 a.m., 4 views

ImageMagick 'ReadMATImage' function memory leak vulnerability

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. The coders/mat.c file in ImageMagick versions 6.9.9-3 and earlier and versions 7.x through 7.0.6-3 has a memory leak...

CVSS 6.5, AI score 7.2, EPSS 0.01814
Exploits: 0, References: 1
NVD
added 2002/08/12 4:0 a.m., 19 views

CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in...

CVSS 6.2, AI score 6.4, EPSS 0.00529
Exploits: 0, References: 13