Lucene search
+L

16 matches found

Circl
Circl
added yesterday6 views

CVE-2026-13352

creationtimestamp| type| source ---|---|--- 2026-07-17 06:55:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqt67iafs42k...

8.8CVSS4.8AI score0.00575EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/06 12:28 a.m.23 views

SUSE CVE-2025-13352

Mattermost versions 10.11.x = 10.11.6 and Mattermost GitHub plugin versions =2.4.0 fail to validate plugin bot identity in reaction forwarding which allows attackers to hijack the GitHub reaction feature to make users add reactions to arbitrary GitHub objects via crafted notification posts...

3CVSS7.1AI score0.00148EPSS
Exploits0References2
Circl
Circl
added 2025/12/17 3:35 p.m.6 views

CVE-2025-13352

creationtimestamp| type| source ---|---|--- 2025-12-17 15:35:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ma6yffup6b2x...

3CVSS5.8AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:16 p.m.5 views

CVE-2020-13352

Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. Affected versions are: =10.2, =13.4, =13.5, 13.5.2...

5.3CVSS6.5AI score0.0121EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:27 a.m.9 views

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

10CVSS7.4AI score0.0288EPSS
Exploits1References1
Circl
Circl
added 2025/02/07 6:12 a.m.9 views

CVE-2024-13352

creationtimestamp| type| source ---|---|--- 2025-02-07 06:12:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113961122645272686 2025-02-07 06:16:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhkxavpowy26 2025-02-07 07:57:37+00:00| seen|...

7.1CVSS7.7AI score0.00541EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/02/07 6:0 a.m.6 views

CVE-2024-13352 Legull <= 1.2.2 - Reflected XSS

The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1AI score0.00541EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/07 6:0 a.m.18 views

CVE-2024-13352 Legull <= 1.2.2 - Reflected XSS

The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00541EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.24 views

GitLab 10.2 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-13352)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. Affected versions are: =10.2, =13.4, =13.5, =10.2, =13.4, =13.5,...

5.3CVSS5.7AI score0.0121EPSS
Exploits0References4
NVD
NVD
added 2021/07/13 11:15 a.m.27 views

CVE-2021-34311

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Monoloader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds write past the end of an...

7.8CVSS0.01574EPSS
Exploits0References2
Circl
Circl
added 2020/11/17 7:38 a.m.7 views

CVE-2020-13352

creationtimestamp| type| source ---|---|--- 2020-11-17 07:38:27+00:00| seen| https://t.me/cibsecurity/16423...

5.3CVSS5.4AI score0.0121EPSS
Exploits0References1
CVE
CVE
added 2020/11/17 12:36 a.m.80 views

CVE-2020-13352

GitLab CVE-2020-13352 affects GitLab CE/EE versions 10.2 through 13.3.8, 13.4 through 13.4.4, and 13.5 through 13.5.1, where private group information is leaked when moving a project from a private to a public group. Root cause: information leakage in group visibility handling during transfers. R...

5.3CVSS5.2AI score0.0121EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2019/07/05 11:0 p.m.12 views

CVE-2019-13352

creationtimestamp| type| source ---|---|--- 2019-07-05 23:00:01+00:00| seen| https://t.me/cveNotify/266...

10CVSS8.7AI score0.0288EPSS
Exploits1References1
CVE
CVE
added 2019/07/05 7:33 p.m.343 views

CVE-2019-13352

CVE-2019-13352 affects WolfVision Cynap prior to version 1.30j. The vulnerability arises from a static, hard-coded cryptographic secret used to generate support PINs for the forgotten-password feature, enabling an attacker who knows the secret and the calculation method to reset the ADMIN passwor...

10CVSS9.6AI score0.0288EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2018/11/27 9:0 p.m.22 views

CVE-2018-13352

Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to view active session tokens in a world-readable directory...

8AI score0.01935EPSS
Exploits1References1
CVE
CVE
added 2018/11/27 9:0 p.m.45 views

CVE-2018-13352

TerraMaster TOS (web app) version 3.1.03 is affected by CVE-2018-13352, enabling attackers to view active session tokens due to a session exposed in a world-readable directory. The issue is documented across multiple entries (NVD and CNVD) with a consistent description of session disclosure via i...

7.5CVSS7.9AI score0.01935EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder