Lucene search
+L

28 matches found

Wolfi
Wolfi
added 2026/04/12 2:46 a.m.4 views

CVE-2026-32695 vulnerabilities

Vulnerabilities for packages: traefik...

7.7CVSS5.8AI score0.00463EPSS
Exploits1
Chainguard
Chainguard
added 2026/04/11 2:18 p.m.7 views

CVE-2026-32695 vulnerabilities

Vulnerabilities for packages: traefik-fips, traefik...

7.7CVSS6.1AI score0.00463EPSS
Exploits1
CVE
CVE
added 2026/03/27 1:47 p.m.21 views

CVE-2026-32695

Summary: CVE-2026-32695 affects Traefik with Knative provider. Prior to versions 3.6.11 and 3.7.0-ea.2, routers were built by interpolating user-controlled values into backtick-delimited rule expressions without escaping, enabling rule-syntax injection and host/header manipulation. In live multi-...

7.7CVSS5.9AI score0.00463EPSS
Exploits1References7Affected Software1
Circl
Circl
added 2026/03/27 9:47 a.m.4 views

CVE-2026-32695

creationtimestamp| type| source ---|---|--- 2026-03-27 09:47:29+00:00| published-proof-of-concept| https://github.com/traefik/traefik/security/advisories/GHSA-67jx-r9pv-98rj 2026-03-27 15:20:18+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mi2g6xmnl22z 2026-03-27 16:47:48+00:00|...

7.7CVSS5.7AI score0.00463EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2026/03/19 12:0 a.m.9 views

traefik -- Multiple vulnerabilities

The traefik project releases a new version addressing multiple CVEs: CVE-2026-32595 BasicAuth Middleware Timing Attack CVE-2026-32305 Potential mTLS Bypass via Fragmented TLS ClientHello CVE-2026-32695 Details not yet available...

8.3CVSS5.8AI score0.00463EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 p.m.10 views

CVE-2021-32695

Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing flow and choos...

4.3CVSS6.7AI score0.00881EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/11 5:21 p.m.5 views

CVE-2025-32695

Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through = 8.7.5...

9.8CVSS5.9AI score0.00545EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 6:14 p.m.7 views

WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by LVT-tholv2k in WordPress Plugin Checkout Mestres WP versions = 8.7.5...

9.8CVSS6.8AI score0.00545EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/04/09 5:15 p.m.17 views

CVE-2025-32695

Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through = 8.7.5...

9.8CVSS0.00545EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 4:13 p.m.24 views

CVE-2025-32695 WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through = 8.7.5...

9.8CVSS0.00545EPSS
Exploits0References1
NVD
NVD
added 2024/04/22 8:15 a.m.14 views

CVE-2024-32695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9...

7.1CVSS7AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/22 7:49 a.m.20 views

CVE-2024-32695 WordPress Language Switcher for Transposh plugin <= 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9...

7.1CVSS7.1AI score0.00354EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/19 12:0 a.m.12 views

WordPress Language Switcher for Transposh Plugin <= 1.5.9 is vulnerable to Cross Site Scripting (XSS)

Software Language Switcher for Transposh Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32695 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b9e7fdf4a085 Credits Majed Refaea...

7.1CVSS6.6AI score0.00354EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 11:19 a.m.27 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service due to [CVE-2023-32695]

Summary Node.js module Socket.IO is used by IBM App Connect Enterprise Certified Container for updating a DesignerAuthoring webconsole. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service. This bulletin provides patch information to addres...

7.5CVSS7.2AI score0.01059EPSS
Exploits0Affected Software1
Circl
Circl
added 2023/05/27 10:17 p.m.6 views

CVE-2023-32695

creationtimestamp| type| source ---|---|--- 2023-05-27 22:17:55+00:00| seen| https://t.me/cibsecurity/64741...

7.5CVSS7.7AI score0.01059EPSS
Exploits0References1
NVD
NVD
added 2023/05/27 4:15 p.m.23 views

CVE-2023-32695

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.5CVSS7.3AI score0.01059EPSS
Exploits0References4
CVE
CVE
added 2023/05/27 3:44 p.m.186 views

CVE-2023-32695

CVE-2023-32695 affects the socket.io-parser component (a Socket.IO encoder/decoder) used with Node.js services. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, causing the Node.js process to crash. A fix has been released in version 4.2.3 of socket....

7.5CVSS7.2AI score0.01059EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/27 3:44 p.m.13 views

CVE-2023-32695 Insufficient validation when decoding a Socket.IO packet

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.3CVSS7.5AI score0.01059EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/05/27 3:44 p.m.41 views

CVE-2023-32695 Insufficient validation when decoding a Socket.IO packet

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.3CVSS7.7AI score0.01059EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/05/27 3:44 p.m.44 views

CVE-2023-32695

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.5CVSS7.6AI score0.01059EPSS
Exploits0
Rows per page
Query Builder