
38448 matches found

CNNVD
added 2026/03/23 12:0 a.m., 7 views

jsrsasign security vulnerability

jsrsasign is a signature verification library developed by Kenji Urushima. Versions of jsrsasign prior to 11.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the bnModInverse function in ext/jsbn2.js, which could cause infinite loops when processing zero or negative...

CVSS 8.7, AI score 5.8, EPSS 0.00554
Exploits 1, References 5

CNNVD
added 2026/03/23 12:0 a.m., 5 views

jsrsasign security vulnerability

jsrsasign is a signature verification library developed by Kenji Urushima. Versions of jsrsasign prior to 11.1.1 contained security vulnerabilities. These vulnerabilities stemmed from zero-division errors in the parsing and reduction logic of ext/rsa.js and ext/jsbn.js, which could lead to RSA...

CVSS 5.9, AI score 5.8, EPSS 0.001
Exploits 1, References 5

CNNVD
added 2026/03/23 12:0 a.m., 4 views

PHPGurukul Vehicle Record Management System security vulnerability

PHPGurukul Vehicle Record Management System is a vehicle record management system developed by PHPGurukul Corporation. Version 1.0 of the PHPGurukul Vehicle Record Management System contains a security vulnerability. This vulnerability arises from improper cleaning of the brandname parameter in t...

CVSS 4.8, AI score 5.8, EPSS 0.00184
Exploits 1, References 2

Positive Technologies
added 2026/03/23 12:0 a.m., 4 views

PT-2026-27059

Name of the Vulnerable Software and Affected Versions: jsrsasign versions prior to 11.1.1. Description: The jsrsasign package contains a flaw related to division by zero. This issue stems from the RSASetPublic/KEYUTIL parsing path within the 'ext/rsa.js' file and the BigInteger.modPowInt reduction...

CVSS 5.9, AI score 5.9, EPSS 0.001
Exploits 1, References 11

Tenable Nessus
added 2026/03/23 12:0 a.m., 6 views

Siemens SIMATIC S7-1500 Divide By Zero (CVE-2025-38312)

In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod In fb_find_mode_cvt, iff mode->refresh somehow happens to be 0x80000000, cvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fb_cvt_hperiod,...

CVSS 5.5, AI score 6.3, EPSS 0.0015
Exploits 0, References 2

CNNVD
added 2026/03/23 12:0 a.m., 6 views

SourceCodester Sales and Inventory System SQL injection vulnerability

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from improper handling of the searchtxt...

CVSS 6.5, AI score 6.7, EPSS 0.0025
Exploits 1, References 5

Redos
added 2026/03/23 12:0 a.m., 5 views

ROS-20260323-73-0004

A vulnerability in the ptprate function of the Linux kernel is related to the lack of division by zero check. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5, AI score 6.1, EPSS 0.00158
Exploits 0

CNNVD
added 2026/03/23 12:0 a.m., 9 views

PHPGurukul Vehicle Record Management System security vulnerability

PHPGurukul Vehicle Record Management System is a vehicle record management system developed by PHPGurukul Corporation. Version 1.0 of the PHPGurukul Vehicle Record Management System contains a security vulnerability. This vulnerability arises from improper handling of the Mobile Number parameter...

CVSS 4.8, AI score 5.6, EPSS 0.00184
Exploits 1, References 2

CNNVD
added 2026/03/23 12:0 a.m., 4 views

Code-Projects Exam Form Submission code injection vulnerability

Code-Projects Exam Form Submission is an open-source exam form developed by Code-Projects. Version 1.0 of Code-Projects Exam Form Submission contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter sname in the file admin/updates3.php, which may...

CVSS 4.8, AI score 5.7, EPSS 0.00268
Exploits 0, References 5

Rosalinux
added 2026/03/22 6:39 p.m., 9 views

Advisory ROSA-SA-2026-3223

software: cups-filters 2.0.1; OS: ROSA-CHROME; unaffected versions = cups-filters-2.0.1-1; affected versions cups-filters-2.0.1-1; CVE-ID: CVE-2025-64524; BDU-ID: 2026-03142; CVE-Crit: LOW; CVE-DESC.: A vulnerability in the CUPS Filters print package is related to an operation exceeding buffer boundarie...

CVSS 5.5, AI score 5.8, EPSS 0.00181
Exploits 1

CVE
added 2026/03/22 8:35 a.m., 14 views

CVE-2026-4542

CVE-2026-4542 affects SSCMS 4.7.0, specifically the LayerImage Endpoint’s LayerImageController.Submit.cs handling of the filePaths argument. The root cause is manipulation of filePaths leading to path traversal. Attack can be performed remotely; exploit maturity is PROOF-OF-CONCEPT. CVSS metrics ...

CVSS 5.5, AI score 5.6, EPSS 0.0031
Exploits 0, References 4

SUSE CVE
added 2026/03/22 12:24 a.m., 6 views

SUSE CVE-2026-23274

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer on timer->timer. If the label was created first by revision 1 with XT_IDLETIMER_ALARM...

CVSS 7, AI score 5.7, EPSS 0.00123
Exploits 0, References 95

CNNVD
added 2026/03/22 12:0 a.m., 7 views

Projectworlds Online Notes Sharing System security vulnerability

Projectworlds Online Notes Sharing System is an online note-sharing system developed under the open-source Projectworlds framework. Version 1.0 of the Projectworlds Online Notes Sharing System contains a security vulnerability, which stems from incorrect handling of the User parameter in the...

CVSS 7.5, AI score 7.2, EPSS 0.00359
Exploits 0, References 4

CNNVD
added 2026/03/22 12:0 a.m., 9 views

Iperius Backup security vulnerability

Iperius Backup is a backup tool developed by the Italian company Iperius Backup. Version 6.1.0 of Iperius Backup contains a security vulnerability. This vulnerability stems from an issue with privilege escalation, which could allow low-privilege users to execute arbitrary programs by elevating...

CVSS 8.6, AI score 6.1, EPSS 0.00137
Exploits 0, References 4

vulnersOsv
added 2026/03/21 12:34 p.m., 2 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-4513 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-4513 Source advisory: SNYK:PYTHON-VANNA-15756488...

CVSS 6.5, AI score 6.5, EPSS 0.00196
Exploits 0

EUVD
added 2026/03/21 6:30 a.m., 2 views

EUVD-2026-14015

The Smarter Analytics plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0. This is due to missing authentication and capability checks on the configuration reset functionality in the global scope of smarter-analytics.php. This makes it possible for...

CVSS 5.3, AI score 5.8, EPSS 0.00302
Exploits 0, References 4

Vulnrichment
added 2026/03/21 3:27 a.m., 1 view

CVE-2026-2501 Ed's Social Share <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Ed's Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's social_share shortcode in all versions up to, and including, 2.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4, AI score 6, EPSS 0.00193
Exploits 0, References 4

CVE
added 2026/03/21 3:27 a.m., 9 views

CVE-2026-2501

CVE-2026-2501 : The Ed's Social Share WordPress plugin is vulnerable to Stored Cross-Site Scripting via the plugin’s social_share shortcode in all versions up to and including 2.0. The root cause is insufficient input sanitization and output escaping on user-supplied attributes. This enables auth...

CVSS 6.4, AI score 6, EPSS 0.00193
Exploits 0, References 4

ATTACKERKB
added 2026/03/21 3:27 a.m., 1 view

CVE-2026-4004

The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callbacksearch function and insufficient input validation that allows shortcode syntax...

CVSS 6.5, AI score 6.1, EPSS 0.00254
Exploits 0, References 8

Vulnrichment
added 2026/03/21 3:26 a.m., 1 view

CVE-2026-3331 Lobot Slider Administrator <= 0.6.0 - Cross-Site Request Forgery to Settings Update

The Lobot Slider Administrator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.0. This is due to missing or incorrect nonce validation on the fourtyslideroptionspage function. This makes it possible for unauthenticated attackers to modify...

CVSS 4.3, AI score 5.7, EPSS 0.0014
Exploits 0, References 3