Lucene search
K

432 matches found

CBLMariner
CBLMariner
added 2026/06/18 10:27 p.m.10 views

CVE-2026-53492 affecting package containerd2 for versions less than 2.2.4-3

CVE-2026-53492 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...

9.6CVSS5.8AI score0.00412EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/18 10:27 p.m.8 views

CVE-2026-47262 affecting package containerd2 for versions less than 2.2.4-3

CVE-2026-47262 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...

5.5CVSS5.8AI score0.00317EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/18 10:27 p.m.8 views

CVE-2026-50195 affecting package containerd2 for versions less than 2.2.4-3

CVE-2026-50195 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...

9.9CVSS5.8AI score0.00354EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/18 10:27 p.m.7 views

CVE-2026-53489 affecting package containerd2 for versions less than 2.2.4-3

CVE-2026-53489 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...

8.2CVSS5.8AI score0.00208EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/18 10:27 p.m.14 views

CVE-2026-53488 affecting package containerd2 for versions less than 2.2.4-3

CVE-2026-53488 affecting package containerd2 for versions less than 2.2.4-3. A patched version of the package is available...

9.4CVSS5.8AI score0.00203EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:58 p.m.10 views

CVE-2023-52951

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

5.9CVSS5.4AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.11 views

CVE-2026-32250

NamelessMC is website software for Minecraft servers. A Reflected Cross-Site Scripting XSS vulnerability was discovered in version 2.2.4 in the id parameter of the endpoint /index.php?route=/queries/user/. The application reflects user-supplied input from the id parameter into the HTML response...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.12 views

CVE-2026-40314

NamelessMC is website software for Minecraft servers. In version 2.2.4,core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. modules/Core/queries/reactions.php allows unauthenticated GET requests for...

6.9CVSS5.5AI score0.00272EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-33398

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/pages/forum/getquotes.php only checks whether the caller is logged in, then reads a post by attacker-controlled post ID and returns its content. The backend helper in modules/Forum/classes/Forum.php does not...

7.1CVSS5.4AI score0.00225EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-39882 affecting package containerd2 for versions less than 2.2.4-2

CVE-2026-39882 affecting package containerd2 for versions less than 2.2.4-2. A patched version of the package is available...

5.3CVSS7.1AI score0.0019EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.9 views

CVE-2026-33814 affecting package containerd2 for versions less than 2.2.4-2

CVE-2026-33814 affecting package containerd2 for versions less than 2.2.4-2. A patched version of the package is available...

7.5CVSS5.4AI score0.00781EPSS
Exploits0
EUVD
EUVD
added 2026/06/03 1:11 p.m.11 views

EUVD-2023-60579

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

5.9CVSS5.8AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 1:11 p.m.21 views

CVE-2023-52951

CVE-2023-52951 affects the Synology Note Station Client prior to version 2.2.4-703, where sensitive data is transmitted in cleartext. This enables network-level (MITM) attackers to obtain user credentials. The CVE lists a CVSS v3.1 base score of 5.9 (MEDIUM) with high confidentiality impact and n...

5.9CVSS5.8AI score0.0013EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.17 views

PT-2026-45929

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

5.9CVSS5.8AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2026/06/02 5:16 p.m.19 views

CVE-2026-35443

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS0.00235EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 4:44 p.m.22 views

CVE-2026-40571

CVE-2026-40571 (NamelessMC) affects NamelessMC website software for Minecraft servers. In version 2.2.4, the file core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. As a result, authenticated low-privil...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2026/06/02 4:44 p.m.3 views

CVE-2026-40571 NamelessMC: Reactions on private or blocking profile posts can be modified without proper authorization

NamelessMC is website software for Minecraft servers. In version 2.2.4, core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This means that authenticated low-privileged users can add reactions to private...

5.3CVSS6AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 4:41 p.m.33 views

CVE-2026-35447 NamelessMC: Private or blocking profile pages can be bypassed with direct POST requests, and reply handling allows cross-profile writes

NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...

5.3CVSS0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 4:41 p.m.20 views

CVE-2026-35447

NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...

5.3CVSS5.9AI score0.00236EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 4:41 p.m.12 views

EUVD-2026-33982

NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...

5.3CVSS5.9AI score0.00236EPSS
Exploits0References1
Rows per page
Query Builder