15 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 firmware: armscmi: Avoid notifier registration for unsupported events th...
CVE-2022-31544
The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2025-31544
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through = 1.4.6...
CVE-2025-31544
creationtimestamp| type| source ---|---|--- 2025-03-31 14:32:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9655...
CVE-2025-31544
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through = 1.4.5...
CVE-2025-31544 WordPress Swiss Toolkit For WP plugin <= 1.4.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP swiss-toolkit-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Swiss Toolkit For WP: from n/a through = 1.4.5...
CVE-2025-31544
Technical details about CVE-2025-31544 are not provided in the supplied documents. Connected sources do not disclose affected versions, root cause, or remediation; monitor for updates.
CVE-2024-31544
A stored cross-site scripting XSS vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...
CVE-2024-31544
CVE-2024-31544 applies to the Computer Laboratory Management System v1.0. The vulnerability is a stored cross-site scripting (XSS) flaw that allows an attacker to inject arbitrary JavaScript through the fields “remarks”, “borrower_name” and “faculty_department” in the API endpoint /classes/Master...
CVE-2023-31544
creationtimestamp| type| source ---|---|--- 2023-05-17 00:32:36+00:00| seen| https://t.me/cibsecurity/64269 2025-01-23 18:03:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2795...
CVE-2023-31544
A stored cross-site scripting XSS vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module...
CVE-2023-31544
CVE-2023-31544 describes a stored Cross-site Scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 . The issue arises when a crafted payload is injected into the Title field in the Upload Image module , allowing an attacker to execute arbitrary web scripts or HTML in affected contexts. The C...
CVE-2023-31544
A stored cross-site scripting XSS vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module...
CVE-2022-31544
The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31544
The CVE-2022-31544 entry concerns the meerstein/rbtm repository (up to version 1.5) where an unsafe use of Flask’s send_file enables absolute path traversal. The vulnerability is triggered by improper handling of file paths in the server’s response logic, exposing potential access to sensitive fi...