108224+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin `plg_user_k2`. A Registered Joomla user, by including the field `K2UserForm=1` in a …
K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.
The K2 frontend `item.checkin` task accepts an unauthenticated `sigProFolder` query parameter and uses it directly to address a `JFolder::delete()` call under `/media/k2/galleries/`
A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; …
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise() collects the values returned by the block into a …
Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage.
A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious …
A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject malicious SQL into …
Our payment integration with Mollie did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and …
Content injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src attribute of these images pointed to …
Malicious HTML content could be injected into the content of a page in the pretix-pages plugin.
Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-Security-Policy, this …
Malicious HTML content contained in the layout specification of a PDF ticket or badge layout was executed when the PDF editor is opened in the …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Document#root= validated only that the new root was …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a Ruby …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., a …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested …
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on …
Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a …
Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command …
Malicious HTML content could be injected into the content rendered by the pretix-digital plugin.
Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets …
Our payment integration with Computop-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one …
Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one …
Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions.
Contributor Broken Access Control in Slim SEO <= 4.6.2 versions.
Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sending HTTP GET requests with dot-dot-slash …
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions.
Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions.
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PPOM for WooCommerce: from n/a …
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce <= 1.6.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce <= 3.0.15 versions.
Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions.
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects APIExperts Square …
Unauthenticated Local File Inclusion in MDTF <= 1.3.8 versions.
Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions.
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25.
Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions.
Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 versions.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from …
Free website and port scanning — find vulnerabilities before attackers do.