CVE-2026-0691

creationtimestamp| type| source ---|---|--- 2026-01-17 10:27:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcmfolkril2i...

EUVD-2026-0691

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Photon OS 5.0: Cifs PHSA-2025-5.0-0691

An update of the cifs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0691. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2025-0691

Improper access control in permissions component in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the "Edit permission" permission by bypassing the client side validation...

CVE-2025-0691

CVE-2025-0691 concerns Devolutions Server versions 2025.1.10.0 and earlier, where improper access control in the permissions component lets an authenticated user bypass the "Edit permission" permission by bypassing client-side validation. The impact is limited to bypassing permission checks to ed...

CVE-2025-0691

Improper access control in permissions component in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the "Edit permission" permission by bypassing the client side validation...

SUSE: Security Advisory (SUSE-SU-2025:0691-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-21370 · Evertz Microsystems · Mvip-Ii +4

Name of the Vulnerable Software and Affected Versions: Evertz microsystems MViP-II Firmware version 8.6.5 Evertz microsystems XPS-EDGE- Build 1467 Evertz microsystems evEDGE-EO- Build 0029 Evertz microsystems MMA10G- Build 0498 Evertz microsystems 570IPG-X19-10G Build 0691 Description: The issue...

CVE-2024-0691

creationtimestamp| type| source ---|---|--- 2024-02-15 22:31:45+00:00| seen| https://t.me/ctinow/185931...

CVE-2024-0691 FileBird <= 5.6.0 - Authenticated(Administrator+) Stored Cross-Site Scripting via Folder Import

The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator access, to...

WordPress Filebird Plugin <= 5.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Filebird Type Plugin Vulnerable versions = 5.6.0 Fixed in 5.6.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0691 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 80c98e521f35 Credits Thomas Sanzey Required privileg...

WordPress Metform Elementor Contact Form Builder Plugin < 3.3.2 Multiple Information Disclosure Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpmet:metformelementorcontactformbuilder"; if description...

fgyc.0691.org Cross Site Scripting vulnerability OBB-3430665

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.1 is vulnerable to Sensitive Data Exposure

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0691 Patch priority Medium CVSS severity Medium 4.3 Developer Wpmet PSID 747e7584ba0a Credits Ramuel...

CVE-2023-0691

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mflastname' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary...

CVE-2023-0691

CVE-2023-0691 affects the Metform Elementor Contact Form Builder plugin for WordPress. The vulnerability is an information disclosure via the mf_last_name shortcode, allowing authenticated attackers with subscriber-level capabilities or higher to access the submitter’s last name from arbitrary fo...

CVE-2023-0691 Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_last_name shortcode

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mflastname' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary...

CVE-2023-0691 Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_last_name shortcode

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mflastname' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary...

SUSE SLES12 Security Update : hdf5 (SUSE-SU-2023:0691-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0691-1 advisory. - Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via...

[SECURITY] [DLA 3336-1] node-url-parse security update

Debian LTS Advisory DLA-3336-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 23, 2023 https://wiki.debian.org/LTS Package : node-url-parse Version : 1.2.0-2+deb10u2 CVE ID : CVE-2021-3664 CVE-2021-27515 CVE-2022-0512 CVE-2022-0639 CVE-2022-0686...