Lucene search
K

130931 matches found

CNVD
CNVD
•added 2025/01/10 12:0 a.m.•7 views

WordPress Show Analytics widget plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.2AI score0.00334EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•3 views

WordPress Plugin eDoc Easy Tables SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin eDoc Easy Tables version 1.29 and earlier...

8.5CVSS7.8AI score0.00446EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

WordPress Plugin Elementor Addons AI Addons Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin Elementor Addons AI Addons version...

4.3CVSS6.1AI score0.00434EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

WordPress plugin Email Reminders cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Email Reminders version 2.0.5 and previous versions of cross-site scripting vulnerabili...

5.9CVSS6.6AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•3 views

WordPress Plugin EMC2 Alert Boxes Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin EMC2 Alert Boxes version 1.3 and previous versions exist cross-site scripting...

6.5CVSS6.6AI score0.00218EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•4 views

WordPress plugin EO4WP cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin EO4WP version 1.0.7 and previous versions of cross-site scripting vulnerability , the...

6.5CVSS6.6AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•8 views

WordPress Plugin Enable Accessibility Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Enable Accessibility version 1.4.1 and previous versions of the existence of cross-site...

6.1CVSS6.9AI score0.0028EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•7 views

WordPress Plugin Estatik Mortgage Calculator Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6.2AI score0.00424EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

WordPress Plugin FlickRocket Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin FlickRocke...

6.1CVSS6.6AI score0.0037EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

WordPress plugin formafzar cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin formafzar...

6.5CVSS6.8AI score0.00324EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•4 views

WordPress Plugin Geo Content Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Geo Conten...

6.4CVSS6.6AI score0.00313EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

WordPress Plugin GDY Modular Content Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin GDY Modula...

6.1CVSS6.8AI score0.00427EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•6 views

WordPress Plugin Google Adwords Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Google...

5.3CVSS6.2AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•6 views

WordPress plugin Gutentor cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Gutentor...

6.5CVSS6.8AI score0.00276EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•7 views

WordPress Plugin WPMU Prefill Post SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin WPMU Prefill Post version 1.02 and earlier...

7.6CVSS7.8AI score0.00564EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•4 views

Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01663)

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS, which stems from a post-authentication absolute path traversal vulnerability that can be exploited by an authenticated remote...

4.9CVSS6.8AI score0.00617EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•7 views

Google Android has an unspecified vulnerability (CNVD-2025-01664)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that stems from a possible biometric bypass. No details of the vulnerability are provided at this time...

7.8CVSS6.8AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•4 views

Google Android lwis_ioctl.c Heap Buffer Overflow Vulnerability

Google Android is a Linux-based open source operating system developed by Google Inc. in the United States. Google Android suffers from a security vulnerability that originates from a heap buffer overflow in the constructtransactionfromcmd function of the lwisioctl.c file, which may have...

7.8CVSS7.4AI score0.00082EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•13 views

Google Android elevation of privilege vulnerability (CNVD-2025-01825)

Google Android is a Linux-based open source operating system developed by Google Inc. in the United States. Google Android suffers from a security vulnerability, no details of the vulnerability are provided at this time...

7.8CVSS6.8AI score0.0009EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•13 views

IBM Engineering Lifecycle Optimization Publishing SQL Injection Vulnerability

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is IBM's software for engineering lifecycle management optimization. A SQL injection vulnerability exists in IBM Engineering Lifecycle Optimization - Publishing. A remote attacker could exploit this vulnerability by sending...

7.3CVSS7.3AI score0.00303EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01661)

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS, which stems from a format string issue that can be exploited by an authenticated, remote attacker to crash the firewall and...

7.2CVSS7.3AI score0.00697EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•6 views

Logic flaw vulnerability in SAG security gateway of Beijing Shenzhou Green Alliance Technology Co.

SAG Security Gateway is an intelligent access gateway service. A logic flaw vulnerability exists in the SAG Security Gateway of Beijing Shenzhou Green Alliance Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information...

6.7AI score
Exploits0
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•1 views

Online Shoe Store details.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the id parameter in the /details.php page that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal S...

9.8CVSS8.3AI score0.00584EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•1 views

Online Shoe Store details2.php file SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the id parameter in the /details2.php page that lacks validation of externally-entered SQL statements. An attacker can exploit this vulnerability to execute illegal...

9.8CVSS8.3AI score0.00509EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•0 views

Online Shoe Store /login.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of the password parameter in the /function/login.php page against externally entered SQL statements. An attacker can exploit this vulnerabilit...

9.8CVSS8.4AI score0.00673EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•2 views

Online Shoe Store summary.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of the tid parameter in the /summary.php page against externally entered SQL statements. The vulnerability can be exploited by an attacker to...

9.8CVSS8.3AI score0.00489EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•2 views

Google Android lwis_periodic_io.c out-of-bounds write vulnerability

Google Android is an open source cell phone operating system developed by Google. Google Android suffers from an out-of-bounds write vulnerability that originates from an integer overflow in the prepareresponse function of the lwisperiodicio.c file, which can be exploited by an attacker to achiev...

7.8CVSS7.2AI score0.0008EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•1 views

Google Android sms_Utilities.c Out-of-Bounds Read Vulnerability

Google Android is an open source cell phone operating system developed by Google. Google Android suffers from an out-of-bounds read vulnerability that stems from incorrect boundary checking of the smsDisplayHexDumpOfPrivacyBuffer function in the smsUtilities.c file. An attacker can exploit the...

7.5CVSS6.6AI score0.00277EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•1 views

Google Android app bypasses VPN elevation of privilege vulnerability

Google Android is an open source cell phone operating system developed by Google. Google Android suffers from an elevation of privilege vulnerability that stems from an undeclared permission to add an application to bypass a VPN.An attacker can exploit this vulnerability to achieve a local...

7.8CVSS6.9AI score0.00076EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•8 views

WordPress plugin Hash Elements cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Hash...

6.5CVSS6.8AI score0.00237EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•6 views

WordPress Plugin Form Maker by 10Web Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Form Maker...

2.7CVSS6.8AI score0.00401EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01662)

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...

9.8CVSS8.4AI score0.00786EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•13 views

Emlog Pro Cross-Site Scripting Vulnerability (CNVD-2025-01706)

Emlog Pro is a lightweight blogging system that provides easy-to-use blog management features. A cross-site scripting vulnerability exists in Emlog Pro 2.4.3. The vulnerability originates from unknown functionality in the file /admin/twitter.php of the Subpage Handler component. An attacker can...

5.4CVSS6.1AI score0.0029EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•2 views

Responsive Hotel Site print.php Page SQL Injection Vulnerability

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the pid parameter of the /admin/print.php page. The vulnerability can be exploited by an attacker...

9.8CVSS8.2AI score0.00655EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•8 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01666)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. The vulnerability originates from the fact that when the "kernel IBT no ENDBR" self-test is triggered in the x86/fred modul...

5.5CVSS6.8AI score0.00219EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•12 views

Apache OpenMeetings Code Issue Vulnerability

Apache OpenMeetings is an open source audio and video conferencing software widely used for enterprise-class online collaboration and meeting management. A security vulnerability exists in Apache OpenMeetings. An attacker could exploit the vulnerability to cause untrusted data to be deserialized...

9.8CVSS9.3AI score0.65176EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•5 views

SonicWall SonicOS Stack Overflow Vulnerability

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from the presence of a stack-based buffer overflow, which can be exploited by an authenticated, remote attacker to crash...

7.2CVSS7.5AI score0.00792EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•9 views

Unspecified vulnerability in Linux kernel (CNVD-2025-01665)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a special USB interrupt interface for MediaTek in the btusb driver for Bluetooth modules that needs to be...

5.5CVSS6.5AI score0.00213EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•8 views

Unspecified Vulnerability in Ffmpeg (CNVD-2025-01669)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg. An attacker can exploit this vulnerability to commit a denial of service by triggering a null pointer dereference during initialization of a...

7.5CVSS6.7AI score0.00534EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•11 views

Ffmpeg Information Disclosure Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An information disclosure vulnerability exists in FFmpeg, which stems from incorrect parsing of non-TTY-compliant input files in HLS playlists, and can be exploited by an attacker to cause ...

5.3CVSS6.2AI score0.00412EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•9 views

WordPress Plugin Education LMS Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Education LMS version 0.0.7 and previous versions exist cross-site scripting...

6.5CVSS6.6AI score0.00287EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•7 views

WordPress Plugin DynamicTags SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin DynamicTags version 1.4.0 and earlier versions,...

8.5CVSS7.8AI score0.00353EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•8 views

WordPress Plugin ElementsCSS Addons for Elementor Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting vulnerability exists in WordPress plugin ElementsCSS Addons for Elementor version...

6.5CVSS6.6AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•2 views

Online Shoe Store Improper Access Control Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store has an Improper Access Control vulnerability that stems from multiple parameters in the /admin/index.php page containing an improper access control vulnerability. No details of the vulnerability are available at this time...

8.8CVSS7AI score0.00608EPSS
Exploits1References1
CNVD
CNVD
•added 2025/01/10 12:0 a.m.•7 views

WordPress Plugin Groundhogg Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.2AI score0.00669EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/08 12:0 a.m.•2 views

Information Leakage Vulnerability in Education Cloud Application Center of Beijing Software Branch of KDDI (Beijing) Co.

Ltd. has been engaged in the research of core artificial intelligence technologies such as intelligent speech, computer vision, natural language processing, cognitive intelligence and other core technologies and maintains the international cutting-edge level. There is an information leakage...

6.7AI score
Exploits0
CNVD
CNVD
•added 2025/01/08 12:0 a.m.•6 views

Command Execution Vulnerability in Operation and Maintenance Management Audit System of Shanghai Shangxun Information Technology Co.

hereinafter referred to as "SinoCom-ArtM" is one of the leading providers of data, intelligent security operation and maintenance, mobile security, security services and other fields in China. A command execution vulnerability exists in the Operations and Maintenance Management and Audit System o...

8AI score
Exploits0
CNVD
CNVD
•added 2025/01/08 12:0 a.m.•22 views

Linux Kernel Memory Misreference Vulnerability (CNVD-2025-02555)

Linux Kernel is an open source operating system kernel, which is one of the core components of the operating system. A memory misreference vulnerability exists in the Linux Kernel. The vulnerability arises because the VAS window saves VMA addresses in the VAS window structure when mapping paste...

7.8CVSS7.2AI score0.00204EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/08 12:0 a.m.•8 views

Linux kernel use-after-release vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A use-after-release vulnerability exists in the Linux kernel. An attacker could exploit this vulnerability to cause a use-after-release issue on the system, which could result ...

7.8CVSS7.1AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
•added 2025/01/07 12:0 a.m.•6 views

Binary Vulnerability in Longxin Browser of Longxin Zhongke Technology Co.

Longxin Browser is a browser developed by Longxin Zhongke Longxin Zhongke Technology Co., Ltd.. A binary vulnerability exists in Longxin Browser, which can be exploited by attackers to cause a denial of service...

6.9AI score
Exploits0
Total number of security vulnerabilities130931