18 matches found
CVE-2026-31071
API endpoints in LalanaChami Pharmacy Management System commit 5c3d028 lack authentication middleware. Unauthenticated remote attackers can exploit this to dump all user records including bcrypt password hashes via /api/user/getUserData, modify drug inventory, and access private medical...
PT-2026-31071
Name of the Vulnerable Software and Affected Versions ASDA-Soft affected versions not specified Description ASDA-Soft contains a stack-based buffer overflow issue. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...
CVE-2025-31071
Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...
CVE-2025-31071
Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...
CVE-2025-31071 WordPress HotStar – Multi-Purpose Business Theme <= 1.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...
WordPress HotStar – Multi-Purpose Business Theme Theme <= 1.4 is vulnerable to Broken Access Control
Software HotStar – Multi-Purpose Business Theme Type Theme Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Broken Access Control CVE CVE-2025-31071 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bb3eaed13631 Credits Tran...
CVE-2024-31071
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...
CVE-2024-31071 Arkcompiler Ets Runtime has a type confusion vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...
CVE-2024-31071 Arkcompiler Ets Runtime has a type confusion vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...
CVE-2024-31071
OpenHarmony is affected by CVE-2024-31071: prior to v4.0.0, a local attacker can trigger a type confusion vulnerability that causes applications to crash. The issue is described as a local, low-severity fault with availability impact (availability impact is noted as LOW; attack vector LOCAL; priv...
python-pillow security update
5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071...
CVE-2023-31071
creationtimestamp| type| source ---|---|--- 2023-08-17 12:37:16+00:00| seen| https://t.me/cibsecurity/68730...
CVE-2023-31071
CVE-2023-31071 is an unauthenticated reflected XSS in the WordPress Modal Dialog plugin, affecting versions
WordPress Modal Dialog Plugin <= 3.5.14 is vulnerable to Cross Site Scripting (XSS)
Software Modal Dialog Type Plugin Vulnerable versions = 3.5.14 Fixed in 3.5.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31071 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29ef21377041 Credits LEE SE HYOUNG...
CVE-2022-31071 Octopoller gem published with world-writable files
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...
CVE-2022-31071
The CVE-2022-31071 affects the Ruby gem octopoller, specifically version 0.2.0, where world-writable files were included in the package (permissions 0666 instead of 0644). This permits modification of gem files by anyone on the host, potentially altering behavior at runtime. The issue was fixed i...
CVE-2021-31071
CVE-2021-31071 is rejected and not used; the entry does not represent an active vulnerability.
CVE-2021-31071
...