Lucene search
+L

25 matches found

OSV
OSV
added 2026/07/03 12:11 p.m.4 views

OPENSUSE-SU-2026:21231-1 Security update for python-pydata-sphinx-theme

This update for python-pydata-sphinx-theme fixes the following issues: Changes in python-pydata-sphinx-theme: - CVE-2026-13676: fast-uri: failure to canonicalize Unicode/IDN hostnames for HTTP-family URLs allows for bypass bsc1269597 revendor the vendored tarball with updated versions...

7.5CVSS5.9AI score0.00369EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/30 1:49 a.m.8 views

SUSE CVE-2026-13676

fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode IDN hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constructor, silently leaving the host in its original Unicode form while normalize and equal still return...

7.2CVSS5.8AI score0.00369EPSS
Exploits0References3
Circl
Circl
added 2026/06/29 1:33 p.m.11 views

CVE-2026-13676

creationtimestamp| type| source ---|---|--- 2026-06-29 13:33:30+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mpgm2jo5sk2k 2026-06-29 16:05:22+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpguk3mdpl2d 2026-07-10 16:44:21+00:00| seen|...

7.5CVSS6.1AI score0.00369EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-13676

Malware in sbrugna...

6.2CVSS6.8AI score0.01062EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/19 7:32 a.m.14 views

CVE-2024-13676 Categorized Gallery Plugin <= 2.0 - Authenticated (Contributor+) SQL Injection

The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' attribute of the 'imagegallery' shortcode in all versions up to, and including, 2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

6.5CVSS0.00462EPSS
Exploits0References2
CVE
CVE
added 2025/02/19 7:32 a.m.35 views

CVE-2024-13676

CVE-2024-13676 affects the WordPress plugin Categorized Gallery Plugin (

6.5CVSS6.5AI score0.00462EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/19 7:32 a.m.7 views

CVE-2024-13676 Categorized Gallery Plugin <= 2.0 - Authenticated (Contributor+) SQL Injection

The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' attribute of the 'imagegallery' shortcode in all versions up to, and including, 2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References2
Circl
Circl
added 2024/02/27 9:46 a.m.7 views

CVE-2019-13676

creationtimestamp| type| source ---|---|--- 2024-02-27 09:46:10+00:00| seen| https://t.me/ctinow/194150...

4.3CVSS6.3AI score0.00623EPSS
Exploits0References1
OSV
OSV
added 2022/02/11 4:15 p.m.20 views

CVE-2020-13676

The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...

6.5CVSS6.3AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/02/11 4:15 p.m.26 views

CVE-2020-13676

The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...

6.5CVSS6.6AI score0.00805EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/11 3:50 p.m.61 views

CVE-2020-13676

The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...

7.7AI score0.00805EPSS
Exploits0References1
CVE
CVE
added 2022/02/11 3:50 p.m.138 views

CVE-2020-13676

CVE-2020-13676 involves the Drupal QuickEdit module (Standard profile) failing to properly enforce access to fields, potentially leading to unintended disclosure of field data. The issue affects sites where QuickEdit is installed; the vulerability description indicates a partial confidentiality i...

6.5CVSS6.1AI score0.00805EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/06/29 3:15 p.m.29 views

CVE-2021-31511

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS0.01811EPSS
Exploits0References3
Prion
Prion
added 2021/06/29 3:15 p.m.14 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS7.8AI score0.01811EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2021/06/29 2:33 p.m.57 views

CVE-2021-31511

OpenText Brava! Desktop (Build 16.6.4.55) is affected. The vulnerability lies in PDF parsing where insufficient validation allows a write past the end of an allocated buffer, enabling remote code execution. Exploitation requires user interaction (visit a malicious page or open a malicious file). ...

7.8CVSS7.8AI score0.01811EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/11/25 3:15 p.m.5 views

CVE-2019-13676

Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

4.3CVSS8.5AI score
Exploits0References2
OSV
OSV
added 2019/11/25 3:15 p.m.2 views

DEBIAN-CVE-2019-13676

Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

4.3CVSS6.4AI score0.00623EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/11/25 2:22 p.m.38 views

CVE-2019-13676

Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

4.3CVSS6AI score0.00623EPSS
Exploits0
CVE
CVE
added 2019/11/25 2:22 p.m.285 views

CVE-2019-13676

CVE-2019-13676 affects Chromium/Google Chrome and is described as an error in a certificate warning, contributing to domain spoofing scenarios. Public sources in the connected docs tie this to the Chromium/Chrome 78 updates that fixed this issue (e.g., CVEs tracked in Fedora/Debian advisories). T...

4.3CVSS5.1AI score0.00623EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/28 12:0 a.m.76 views

Fedora 31 : chromium (2019-9a5e81214f)

Chromium update to 77.0.3865.120. For the upstream announcement see https://chromereleases.googleblog.com/2019/10/stable-channel-update-fo r-desktop.html. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

9.6CVSS6.9AI score0.01443EPSS
Exploits0References39
Rows per page
Query Builder