CVE-2026-33950

Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0-beta.4, there is a privilege escalation vulnerability by Admin Role Injection via /enableSecurity. An unauthenticated attacker can gain full Administrator access to the SignalK server at any time...

CVE-2026-33950

creationtimestamp| type| source ---|---|--- 2026-04-02 19:26:18+00:00| seen| Telegram/zX6Kqs44rDek2r3jgp5vCS4jdZwe09icUbxsylGXOdI3O8 2026-04-03 06:01:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mil2a2kznk2d 2026-04-03 06:05:42+00:00| seen|...

CVE-2023-33950

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs...

CVE-2024-33950

Administrator Cross Site Scripting XSS in Archives Calendar Widget = 1.0.15 versions...

CVE-2024-33950 WordPress Archives Calendar Widget plugin <= 1.0.15 - Cross Site Scripting (XSS) vulnerability

Administrator Cross Site Scripting XSS in Archives Calendar Widget = 1.0.15 versions...

WordPress Archives Calendar Widget Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)

Software Archives Calendar Widget Type Plugin Vulnerable versions = 1.0.15 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33950 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5d201ab70e97 Credits Joshua Chan Required privilege...

CVE-2023-33950

creationtimestamp| type| source ---|---|--- 2023-05-24 20:27:29+00:00| seen| https://t.me/cibsecurity/64705...

CVE-2023-33950

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs...

CVE-2023-33950

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs...

CVE-2023-33950

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs...

CVE-2023-33950

CVE-2023-33950 affects Liferay Portal 7.4.3.48–7.4.3.76 and Liferay DXP 7.4 Update 48–76. The issue arises from using regular expressions as patterns, enabling ReDoS-style resource exhaustion via crafted request URLs. Connected sources confirm the affected product versions and the underlying caus...

CVE-2021-33950

creationtimestamp| type| source ---|---|--- 2023-02-17 20:19:28+00:00| seen| https://t.me/cibsecurity/58471 2025-03-18 19:03:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7967...

CVE-2021-33950

CVE-2021-33950 affects OpenKM v6.3.10: the XMLTextExtractor function can disclose sensitive information. Root cause described as an information disclosure in XMLTextExtractor. The documented impact is high confidentiality (CVSS v3.1 score 7.5). The provided connected documents do not include expl...