11 matches found
CVE-2025-11991
The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the runcallback function in all versions up to, and including, 3.5.3. This makes it possible for unauthenticated attackers to generate form...
CVE-2025-11991
creationtimestamp| type| source ---|---|--- 2025-12-16 09:03:34+00:00| seen| https://gist.github.com/Darkcrai86/516936ce67f3e2406946ebee6af13d04 2025-12-16 09:56:35+00:00| seen| https://gist.github.com/Darkcrai86/91a9a9d45e11042971b3dd7d20557ebf...
CVE-2024-11991
creationtimestamp| type| source ---|---|--- 2024-12-09 17:12:45+00:00| seen| https://t.me/cvedetector/12409...
CVE-2024-11991
Motoko's incremental garbage collector is impacted by an uninitialized memory access bug, caused by incorrect use of write barriers in a few locations. This vulnerability could potentially allow unauthorized read or write access to a Canister's memory. However, exploiting this bug requires the...
CVE-2024-11991 Uninitialized memory access in Motoko incremental garbage collector
Motoko's incremental garbage collector is impacted by an uninitialized memory access bug, caused by incorrect use of write barriers in a few locations. This vulnerability could potentially allow unauthorized read or write access to a Canister's memory. However, exploiting this bug requires the...
CVE-2020-11991
creationtimestamp| type| source ---|---|--- 2024-12-09 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-09 2024-12-29 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-29 2025-01-26 00:00:00+00:00| seen| The Shadowserv...
VulnCheck KEV: CVE-2020-11991
When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system...
CVE-2020-11991
When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system...
CVE-2020-11991
Apache Cocoon 2.1.12 is vulnerable to XML injection via the StreamGenerator when parsing user-supplied XML containing external entities. This can allow reading arbitrary files on the server. The connected template explicitly notes the issue and recommends upgrading to Apache Cocoon 2.1.13 or late...
CVE-2019-11991
HPE has identified a vulnerability in HPE 3PAR Service Processor SP version 4.1 through 4.4. HPE 3PAR Service Processor SP version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service...
CVE-2019-11991
CVE-2019-11991 concerns a remote information-disclosure vulnerability in HPE 3PAR Service Processor (SP) versions 4.1 through 4.4. The flaw affects the SP itself and any managed 3PAR arrays, potentially compromising confidentiality, integrity, and availability. The supplied connected documents co...