28 matches found
CVE-2026-32695 vulnerabilities
Vulnerabilities for packages: traefik...
CVE-2026-32695 vulnerabilities
Vulnerabilities for packages: traefik-fips, traefik...
CVE-2026-32695
Summary: CVE-2026-32695 affects Traefik with Knative provider. Prior to versions 3.6.11 and 3.7.0-ea.2, routers were built by interpolating user-controlled values into backtick-delimited rule expressions without escaping, enabling rule-syntax injection and host/header manipulation. In live multi-...
CVE-2026-32695
creationtimestamp| type| source ---|---|--- 2026-03-27 09:47:29+00:00| published-proof-of-concept| https://github.com/traefik/traefik/security/advisories/GHSA-67jx-r9pv-98rj 2026-03-27 15:20:18+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mi2g6xmnl22z 2026-03-27 16:47:48+00:00|...
traefik -- Multiple vulnerabilities
The traefik project releases a new version addressing multiple CVEs: CVE-2026-32595 BasicAuth Middleware Timing Attack CVE-2026-32305 Potential mTLS Bypass via Fragmented TLS ClientHello CVE-2026-32695 Details not yet available...
CVE-2021-32695
Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing flow and choos...
CVE-2025-32695
Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through = 8.7.5...
WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability
Privilege Escalation Vulnerability discovered by LVT-tholv2k in WordPress Plugin Checkout Mestres WP versions = 8.7.5...
CVE-2025-32695
Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through = 8.7.5...
CVE-2025-32695 WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through = 8.7.5...
CVE-2024-32695
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9...
CVE-2024-32695 WordPress Language Switcher for Transposh plugin <= 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9...
WordPress Language Switcher for Transposh Plugin <= 1.5.9 is vulnerable to Cross Site Scripting (XSS)
Software Language Switcher for Transposh Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32695 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9e7fdf4a085 Credits Majed Refaea...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service due to [CVE-2023-32695]
Summary Node.js module Socket.IO is used by IBM App Connect Enterprise Certified Container for updating a DesignerAuthoring webconsole. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service. This bulletin provides patch information to addres...
CVE-2023-32695
creationtimestamp| type| source ---|---|--- 2023-05-27 22:17:55+00:00| seen| https://t.me/cibsecurity/64741...
CVE-2023-32695
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...
CVE-2023-32695
CVE-2023-32695 affects the socket.io-parser component (a Socket.IO encoder/decoder) used with Node.js services. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, causing the Node.js process to crash. A fix has been released in version 4.2.3 of socket....
CVE-2023-32695 Insufficient validation when decoding a Socket.IO packet
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...
CVE-2023-32695 Insufficient validation when decoding a Socket.IO packet
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...
CVE-2023-32695
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...