CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2026/03/23 11:58 p.m.•5 views

CVE-2026-33290 WPGraphQL Repo's updateComment allows low-privileged authenticated users to change comment moderation status (comment_approved) without moderate_comments permission

WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.10.0, an authorization flaw in updateComment allows an authenticated low-privileged user including a custom role with zero capabilities to change moderation status of their own comment for example to APPROVE without the...

4.3CVSS5.9AI score0.00039EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 3:52 a.m.•9 views

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

7.5CVSS6.7AI score0.00233EPSS

Exploits1References1

RedhatCVE•added 2025/02/05 10:23 p.m.•5 views

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed...

7.5CVSS6.8AI score0.00261EPSS

Exploits0References1

vulnersOsv•added 2023/06/12 3:30 p.m.•1 views

cranko (>=0.0.21 <=0.16.0), diener (>=0.1.0 <=0.4.2) +9 more potentially affected by CVE-2023-33290 via git-url-parse (>=0.2.0 <=0.3.1)

git-url-parse CARGO version =0.2.0, =0.0.21, =0.1.0, =0.0.1, =0.0.1, =2.3.0, =0.1.0, =0.3.1, =0.1.1, =0.1.0, =0.2.1 Source cves: CVE-2023-33290 Source advisory: OSV:GHSA-QFH9-8P57-MJJJ...

7.5CVSS7.1AI score0.00085EPSS

Exploits1

ATTACKERKB•added 2023/06/12 1:15 p.m.•1 views

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

7.5CVSS5.8AI score0.00233EPSS

Exploits1References3

Vulnrichment•added 2023/06/12 12:0 a.m.•10 views

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

7.1AI score0.00085EPSS

Exploits1References2

CVE•added 2023/06/12 12:0 a.m.•48 views

CVE-2023-33290

CVE-2023-33290 affects the Rust crate for parsing Git URLs, specifically the git-url-parse crate up to version 0.4.4. The vulnerability is a Regular Expression Denial of Service (ReDoS) via a crafted URL to the normalize_url function in lib.rs. This can lead to high impact on availability (Denial...

7.5CVSS7.3AI score0.00085EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/06/12 12:0 a.m.•14 views

CVE-2023-33290

The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...

7.6AI score0.00085EPSS

Exploits1References2

NVD•added 2023/01/09 8:15 a.m.•11 views

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed...

7.5CVSS7.5AI score0.00261EPSS

Exploits0References1

CVE•added 2023/01/06 5:2 a.m.•46 views

CVE-2022-33290

CVE-2022-33290 describes a transient Denial of Service in the Bluetooth HOST caused by a null pointer dereference when a mismatched argument is passed. Multiple connected documents tie the issue to Qualcomm chipsets/Bluetooth HOST, confirming the vulnerability is a null pointer dereference leadin...

7.5CVSS7.5AI score0.00261EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/01/06 5:2 a.m.•4 views

CVE-2022-33290 Null pointer dereference in Bluetooth HOST

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed...

7.5CVSS7.5AI score0.00261EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by