81 matches found
CVE-2022-0679
The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require via the narnoo_distributor_lib_request AJAX action available to both unauthenticated and authenticated users which results in the disclosure of...
EUVD-2026-0679
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessin...
CVE-2020-0680
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682...
CVE-2020-0679
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0680, CVE-2020-0682...
CVE-2025-0679
An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Under certain conditions un-authorised users can view full email addresses that should be partially obscured...
CVE-2025-0679
creationtimestamp| type| source
---|---|---
2025-05-22 14:43:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17278...
CVE-2025-0679
CVE-2025-0679 affects GitLab CE/EE (versions 17.1–before 17.10.7, 17.11–before 17.11.3, and 18.0–before 18.0.1). The issue permits unauthorised users to view full email addresses that should be partially obscured under specific conditions. Root cause described as disclosure of private PII via UI/...
CVE-2025-0679 Exposure of Private Personal Information to an Unauthorized Actor in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Under certain conditions un-authorised users can view full email addresses that should be partially obscured...
CVE-2012-0679
Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL...
GitLab 17.1 < 17.10.7 / 17.11 < 17.11.3 / 18.0 < 18.0.1 (CVE-2025-0679)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Under certain conditions un-authorised users can view full...
Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt
Contact: [email protected]
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Dumador.c
Vulnerability: Remote Stack Buffer Overflow SEH
Description: The...
WordPress ColorMag Theme <= 3.1.2 is vulnerable to Broken Access Control
Software: ColorMag
Type: Theme
Vulnerable versions: <= 3.1.2
Fixed in: 3.1.3
OWASP Top 10: A5: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2024-0679
Patch priority: Medium
CVSS severity: Medium 6.5
PSID: a03b90ac4c61
Credits: Sean Murphy
Required privilege...
CVE-2024-0679
creationtimestamp| type| source
---|---|---
2024-01-20 07:31:54+00:00| seen| https://t.me/ctinow/170546
2024-01-22 01:16:11+00:00| published-proof-of-concept| https://t.me/CNArsenal/1884
2024-02-15 15:22:01+00:00| seen| https://t.me/ctinow/185603
2024-08-16 09:02:39+00:00|...
CVE-2024-0679
The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin_action_callback function in all versions up to, and including, 3.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to install and...
CVE-2024-0679
CVE-2024-0679 affects ColorMag Theme for WordPress: a missing capability check in plugin_action_callback() in all versions up to 3.1.2 enables authenticated users with subscriber-level access or higher to install and activate arbitrary plugins. A fix is available in ColorMag 3.1.3 (patched). CVSS...
Exploit for Missing Authorization in Themegrill Colormag
CVE-2024-0679 ColorMag <= 3.1.2 - Missing Authorization to...
CVE-2023-0679
creationtimestamp| type| source
---|---|---
2023-02-06 16:22:56+00:00| seen| https://t.me/cibsecurity/57548...
CVE-2023-0679
SourceCodester Canteen Management System 1.0 is affected by a SQL injection in removeUser.php via the id parameter. The issue, described across multiple sources (e.g., PT-2023-16449), allows remote exploitation with high attack complexity and is publicly disclosed. Root cause: improper handling/v...
CVE-2022-0679
creationtimestamp| type| source
---|---|---
2022-03-28 22:41:49+00:00| seen| https://t.me/cibsecurity/39663
2024-12-21 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-21
2024-12-24 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities -...