Lucene search
K

86 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.19 views

RHCOS 4 : OpenShift Container Platform 4.1.20 golang (RHSA-2019:3131)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3131 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...

7.8CVSS7.3AI score0.83433EPSS
Exploits1References6
Circl
Circl
added 2026/02/24 9:51 p.m.6 views

CVE-2026-3131

creationtimestamp| type| source ---|---|--- 2026-02-24 21:51:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfn5mri7pw2d...

6.5CVSS4.8AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 8:27 p.m.7 views

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

6.5CVSS5.8AI score0.00301EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 8:27 p.m.6 views

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

6.5CVSS0.00301EPSS
Exploits0References1
OSV
OSV
added 2025/09/15 1:9 a.m.2 views

ECHO-C416-3131-D35B

Bulletin has no description...

7.8CVSS8.5AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:21 a.m.11 views

CVE-2023-3131

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

4.3CVSS6.8AI score0.00507EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.5 views

CVE-2022-3131

The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users...

7.2CVSS7.4AI score0.00921EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:32 p.m.9 views

CVE-2021-3131

The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter...

7.5CVSS7AI score0.00954EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:8 a.m.9 views

CVE-2016-3131

Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls...

6.5CVSS7AI score0.00667EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 5:47 p.m.61 views

CVE-2025-3131

The CVE-2025-3131 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the Drupal ECA: Event - Condition - Action module. Affected versions are ECA: Event - Condition - Action prior to 1.1.12 (0.0.0–1.1.11), 2.0.0 prior to 2.0.16, and 2.1.0 prior to 2.1.7 (also 0.0.0 prior to 1.2....

5.4CVSS6.7AI score0.00162EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/09 5:47 p.m.28 views

CVE-2025-3131 ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031

Cross-Site Request Forgery CSRF vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2...

0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 5:47 p.m.17 views

CVE-2025-3131 ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031

Cross-Site Request Forgery CSRF vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2...

6.7AI score0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.5 views

Snowflake Connector for Python 安全漏洞

Snowflake Connector for Python is an open source interface from Snowflake Computing. It is used to develop Python applications that can connect to Snowflake and perform all standard operations. A security vulnerability exists in Snowflake Connector for Python versions prior to 3.13.1, which stems...

5.5CVSS9.1AI score0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/01 4:31 p.m.12 views

CVE-2024-3131 SourceCodester Computer Laboratory Management System sql injection

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument id leads to sql injection. The attack can be initiated...

6.5CVSS7.5AI score0.00525EPSS
Exploits1References4
Circl
Circl
added 2024/02/28 10:41 a.m.8 views

CVE-2016-3131

creationtimestamp| type| source ---|---|--- 2024-02-28 10:41:10+00:00| seen| https://t.me/ctinow/195305...

6.5CVSS6.4AI score0.00667EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/08/03 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2023:3131-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.01132EPSS
Exploits0References6
NVD
NVD
added 2023/07/10 4:15 p.m.16 views

CVE-2023-3131

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

4.3CVSS4.8AI score0.00507EPSS
Exploits2References1
CVE
CVE
added 2023/07/10 12:41 p.m.2489 views

CVE-2023-3131

CVE-2023-3131 affects the MStore API WordPress plugin prior to version 3.9.7. The vulnerability arises because most AJAX actions are not protected by privilege checks or nonce validation, enabling unauthorized actions such as modifying settings. Public references describe practical proof-of-conce...

4.3CVSS4.6AI score0.00507EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/10 12:41 p.m.13 views

CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

7.2AI score0.00507EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/10 12:41 p.m.15 views

CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

5.1AI score0.00507EPSS
Exploits2References1
Rows per page
Query Builder