Lucene search
K

18 matches found

NVD
NVD
added 2026/05/19 4:16 p.m.18 views

CVE-2026-31071

API endpoints in LalanaChami Pharmacy Management System commit 5c3d028 lack authentication middleware. Unauthenticated remote attackers can exploit this to dump all user records including bcrypt password hashes via /api/user/getUserData, modify drug inventory, and access private medical...

9.1CVSS0.00545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.2 views

PT-2026-31071

Name of the Vulnerable Software and Affected Versions ASDA-Soft affected versions not specified Description ASDA-Soft contains a stack-based buffer overflow issue. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

8.4CVSS6.2AI score0.00339EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/18 4:3 p.m.15 views

CVE-2025-31071

Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...

5.3CVSS6.7AI score0.00265EPSS
Exploits0References1
NVD
NVD
added 2025/05/16 4:15 p.m.6 views

CVE-2025-31071

Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...

5.3CVSS0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.16 views

CVE-2025-31071 WordPress HotStar – Multi-Purpose Business Theme <= 1.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through 1.4...

5.3CVSS0.00265EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/16 12:0 a.m.7 views

WordPress HotStar – Multi-Purpose Business Theme Theme <= 1.4 is vulnerable to Broken Access Control

Software HotStar – Multi-Purpose Business Theme Type Theme Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Broken Access Control CVE CVE-2025-31071 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID bb3eaed13631 Credits Tran...

5.3CVSS6.5AI score0.00265EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/07/02 9:15 a.m.24 views

CVE-2024-31071

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...

3.3CVSS0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 8:13 a.m.25 views

CVE-2024-31071 Arkcompiler Ets Runtime has a type confusion vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...

3.3CVSS0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/02 8:13 a.m.16 views

CVE-2024-31071 Arkcompiler Ets Runtime has a type confusion vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...

3.3CVSS6.7AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2024/07/02 8:13 a.m.46 views

CVE-2024-31071

OpenHarmony is affected by CVE-2024-31071: prior to v4.0.0, a local attacker can trigger a type confusion vulnerability that causes applications to crash. The issue is described as a local, low-severity fault with availability impact (availability impact is noted as LOW; attack vector LOCAL; priv...

3.3CVSS3.9AI score0.0014EPSS
Exploits0References1Affected Software1
Oracle linux
Oracle linux
added 2024/07/02 12:0 a.m.29 views

python-pillow security update

5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071...

6.7CVSS7.4AI score0.00989EPSS
Exploits0
Circl
Circl
added 2023/08/17 12:37 p.m.6 views

CVE-2023-31071

creationtimestamp| type| source ---|---|--- 2023-08-17 12:37:16+00:00| seen| https://t.me/cibsecurity/68730...

7.1CVSS7.1AI score0.00379EPSS
Exploits0References1
CVE
CVE
added 2023/08/17 8:41 a.m.42 views

CVE-2023-31071

CVE-2023-31071 is an unauthenticated reflected XSS in the WordPress Modal Dialog plugin, affecting versions

7.1CVSS6AI score0.00379EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/04/24 12:0 a.m.12 views

WordPress Modal Dialog Plugin <= 3.5.14 is vulnerable to Cross Site Scripting (XSS)

Software Modal Dialog Type Plugin Vulnerable versions = 3.5.14 Fixed in 3.5.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31071 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29ef21377041 Credits LEE SE HYOUNG...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/06/15 10:35 p.m.5 views

CVE-2022-31071 Octopoller gem published with world-writable files

Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...

2.5CVSS3.7AI score0.00214EPSS
Exploits0References2
CVE
CVE
added 2022/06/15 10:35 p.m.78 views

CVE-2022-31071

The CVE-2022-31071 affects the Ruby gem octopoller, specifically version 0.2.0, where world-writable files were included in the package (permissions 0666 instead of 0644). This permits modification of gem files by anyone on the host, potentially altering behavior at runtime. The issue was fixed i...

3.3CVSS3.5AI score0.00214EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/08/24 6:52 p.m.29 views

CVE-2021-31071

CVE-2021-31071 is rejected and not used; the entry does not represent an active vulnerability.

7.4AI score
Exploits0
Cvelist
Cvelist
added 2021/08/24 6:52 p.m.8 views

CVE-2021-31071

...

Exploits0
Rows per page
Query Builder