Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2025/04/13 8:56 a.m.5 views

CVE-2025-31041

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.0.4...

7.5CVSS7.2AI score0.00503EPSS
Exploits0References1
Circl
Circl
added 2025/04/11 2:51 p.m.6 views

CVE-2025-31041

creationtimestamp| type| source ---|---|--- 2025-04-11 14:51:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11438...

7.5CVSS8.7AI score0.00503EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 9:15 a.m.4 views

CVE-2025-31041

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.0.4...

7.5CVSS0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 8:42 a.m.3 views

CVE-2025-31041 WordPress AnyTrack Affiliate Link Manager <= 1.0.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in NotFound AnyTrack Affiliate Link Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AnyTrack Affiliate Link Manager: from n/a through 1.0.4...

7.5CVSS6.9AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2025/04/11 8:42 a.m.45 views

CVE-2025-31041

CVE-2025-31041 : The WordPress plugin AnyTrack Affiliate Link Manager is affected up to version 1.0.4 and suffers a Missing Authorization vulnerability. Public data shows a CVSSv3.1 base score of 7.5 (HIGH) with network attack vector, low attack complexity, no privileges required, and no confiden...

7.5CVSS7.2AI score0.00503EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 5:45 p.m.5 views

WordPress AnyTrack Affiliate Link Manager plugin <= 1.0.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by timomangcut in WordPress Plugin AnyTrack Affiliate Link Manager versions = 1.0.4...

7.5CVSS8.3AI score0.00503EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/04/17 7:15 p.m.11 views

CVE-2024-31041

Null Pointer Dereference vulnerability in topicfiltern function in mqttparser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service...

7.5CVSS6.4AI score0.00556EPSS
Exploits1References1
OSV
OSV
added 2024/04/17 7:15 p.m.3 views

CVE-2024-31041

Null Pointer Dereference vulnerability in topicfiltern function in mqttparser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service...

7.5CVSS7AI score
Exploits0References1
Cvelist
Cvelist
added 2024/04/17 12:0 a.m.26 views

CVE-2024-31041

Null Pointer Dereference vulnerability in topicfiltern function in mqttparser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service...

6.7AI score0.00556EPSS
Exploits1References1
CVE
CVE
added 2024/04/17 12:0 a.m.70 views

CVE-2024-31041

CVE-2024-31041 is a null pointer dereference in NanoMQ 0.21.7, specifically in the topic_filtern function of mqtt_parser.c, which can be exploited to cause a denial of service. The description is consistently reported across NVD, Red Hat, OSV, CNNVD, and CVE listings. The connected sources confir...

7.5CVSS6.7AI score0.00556EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2023/08/14 6:24 p.m.6 views

CVE-2023-31041

creationtimestamp| type| source ---|---|--- 2023-08-14 18:24:27+00:00| seen| https://t.me/cibsecurity/68443...

7.5CVSS7.3AI score0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/08/14 3:15 p.m.1 views

CVE-2023-31041

An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure...

7.5CVSS5.9AI score0.00305EPSS
Exploits0References2
NVD
NVD
added 2023/08/14 3:15 p.m.27 views

CVE-2023-31041

An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure...

7.5CVSS7.7AI score0.00305EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/14 12:0 a.m.29 views

CVE-2023-31041

An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure...

7.3AI score0.00305EPSS
Exploits0References1
CVE
CVE
added 2023/08/14 12:0 a.m.57 views

CVE-2023-31041

CVE-2023-31041 concerns InsydeH2O BIOS (SysPasswordDxe) where system password information may be stored in cleartext on kernel versions 5.0–5.5. The issue enables potential information disclosure due to plaintext password storage, as described across multiple sources (Red Hat, Red Hat RIS, NVD, T...

7.5CVSS7.1AI score0.00305EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2022/06/13 4:22 p.m.5 views

CVE-2022-31041

creationtimestamp| type| source ---|---|--- 2022-06-13 16:22:56+00:00| seen| https://t.me/cibsecurity/44284...

7.6CVSS6.3AI score0.00748EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/13 12:35 p.m.41 views

CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS7.7AI score0.00748EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/06/13 12:35 p.m.9 views

CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS7.5AI score0.00748EPSS
Exploits0References2
CVE
CVE
added 2022/06/13 12:35 p.m.442 views

CVE-2022-31041

Open Forms prior to versions 1.0.9 and 1.1.1 are affected by insufficient input validation for uploaded files, allowing end users to bypass extension-based checks by stripping or altering file extensions. This can lead to uploaded files being misrepresented as another type and potentially downloa...

7.6CVSS6.6AI score0.00748EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/24 6:52 p.m.8 views

CVE-2021-31041

...

Exploits0
Rows per page
Query Builder