26 matches found
SUSE CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...
CVE-2026-10705
creationtimestamp| type| source ---|---|--- 2026-06-03 03:24:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mne5vvlfz425...
UBUNTU-CVE-2026-10705
A flaw has been found in dask up to 3.0. Affected by this issue is the...
RHSA-2026:10705 Red Hat Security Advisory: rhc security update
Bulletin has no description...
CVE-2025-10705
creationtimestamp| type| source ---|---|--- 2025-10-23 14:51:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3umda5j2n2u...
CVE-2024-10705
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...
CVE-2024-10705
creationtimestamp| type| source ---|---|--- 2025-01-26 06:45:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113893307619009077 2025-01-26 07:15:32+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgmuwubikn2c 2025-01-26 08:35:22+00:00| seen|...
CVE-2024-10705 Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...
CVE-2024-10705
CVE-2024-10705 affects the WordPress plugin “Multiple Page Generator Plugin – MPG” with vulnerability in all versions up to 4.0.5. The flaw is Server-Side Request Forgery (SSRF) via the mpg_download_file_by_link function, allowing authenticated attackers with editor-level access or higher to trig...
CVE-2024-10705 Multiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrl
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.5 via the 'mpgdownloadfilebylink' function. This makes it possible for authenticated attackers, with editor-level access and above, to make web...
be.yildiz-games:module-webserver-undertow (>=1.0.0 <=1.1.1), br.eti.clairton:ds-test (>=0.4.0 <=1.2.1) +2345 more potentially affected by CVE-2020-10705 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.1.0.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.0, =1.0, =0.1.0, =3.0.0.RELEASE, =20.5.0, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.1.5-jdk1.8-RELEASES and more Source cves: CVE-2020-10705 Source advisory: OSV:GHSA-G4CP-H53P-V3V8...
Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 20 security update
This is a security update for JBoss EAP Continuous Delivery 20. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2020-10705
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service...
CVE-2020-10705
CVE-2020-10705 affects Undertow prior to 2.1.1.Final, where requests using the Expect: 100-continue header can trigger a memory exhaustion error, potentially causing a denial of service. The vulnerability is documented in the CVE page and appears in related advisories (e.g., Red Hat JBoss EAP 7.x...
CVE-2020-10705
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 8 (RHSA-2020:2060)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2060 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.8 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 8 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 7 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
CVE-2019-10705
Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials...