Lucene search
K

18 matches found

NVD
NVD
added 2026/04/30 7:16 p.m.7 views

CVE-2026-40600

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew allows authenticated users with access to one project to update or delete a SharePolicy record that belongs to a different project. The affect...

8.1CVSS0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/04/30 6:22 p.m.9 views

CVE-2026-40600

Chartbrew prior to 5.0.0 allowed cross-project modification of SharePolicy because policy_id was not verified against the target project. Authenticated users with access to one project could update/delete sharing rules (visibility, password requirements, allowed parameters, expiration). Patch rel...

8.1CVSS5.3AI score0.00232EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/04/03 7:34 a.m.15 views

EWWW Image Optimizer <= 7.2.0 - Unauthenticated Information Disclosure

The EWWW Image Optimizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.0 via the debuglog function. This makes it possible for unauthenticated attackers to extract sensitive debug data when debug logging is enabled. id: CVE-2023-406...

7.5CVSS7.1AI score0.02036EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.7 views

CVE-2023-40600

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...

7.5CVSS7.8AI score0.02036EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/10 4:5 a.m.0 views

EUVD-2025-40600

Malicious code in bambang-botok90-breki npm...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/31 9:12 p.m.8 views

CVE-2025-40600

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption...

9.8CVSS7.3AI score0.00875EPSS
Exploits0References1
CVE
CVE
added 2025/07/29 9:11 p.m.37 views

CVE-2025-40600

The CVE-2025-40600 affects SonicWall SonicOS SSL VPN interface, where an externally-controlled format string error allows remote, unauthenticated attackers to cause service disruption (DoS). The issue is tied to handling of format strings in SSL VPN, with a critical CVSS base score (9.8) and netw...

9.8CVSS7.3AI score0.00875EPSS
In wildExploits0References1Affected Software1
SonicWall
SonicWall
added 2025/07/29 3:46 p.m.8 views

SonicOS Use of Externally-Controlled Format String Vulnerability

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.SonicWall strongly advises users of the SonicWall firewall products to upgrade to the mentioned fixed release version to address this...

5.9CVSS6.3AI score0.00875EPSS
Exploits0
Circl
Circl
added 2024/07/07 2:57 a.m.4 views

CVE-2024-40600

creationtimestamp| type| source ---|---|--- 2024-07-07 02:57:34+00:00| seen| https://t.me/cvedetector/162...

6.1CVSS4.8AI score0.00302EPSS
Exploits1References1
NVD
NVD
added 2024/07/07 12:15 a.m.31 views

CVE-2024-40600

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

6.1CVSS0.00302EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/06 12:0 a.m.29 views

CVE-2024-40600

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

0.00302EPSS
Exploits1References1
OSV
OSV
added 2023/11/30 3:15 p.m.32 views

CVE-2023-40600

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...

7.5CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2023/11/30 3:0 p.m.32 views

CVE-2023-40600 WordPress EWWW Image Optimizer Plugin <= 7.2.0 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...

5.3CVSS7.7AI score0.02036EPSS
Exploits1References1
CVE
CVE
added 2023/11/30 3:0 p.m.100 views

CVE-2023-40600

Affected software: WordPress EWWW Image Optimizer plugin ≤ 7.2.0. Vulnerability: Sensitive information exposure via the debug_log function, allowing unauthenticated access to sensitive debug data when debug logging is enabled. Root cause/vector: debug_log writes internal data to logs accessible t...

7.5CVSS7.8AI score0.02036EPSS
In wildExploits1References1Affected Software1
GithubExploit
GithubExploit
added 2023/11/20 7:5 p.m.43 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Ewww Image_Optimizer

CVE-2023-40600 EWWW Image Optimizer = 7.2.0 - Unauthentica...

7.5CVSS8.5AI score0.02036EPSS
Exploits1
Patchstack
Patchstack
added 2023/11/14 12:0 a.m.23 views

WordPress EWWW Image Optimizer Plugin <= 7.2.0 is vulnerable to Sensitive Data Exposure

Software EWWW Image Optimizer Type Plugin Vulnerable versions = 7.2.0 Fixed in 7.2.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-40600 Patch priority Medium CVSS severity Medium 5.3 Developer Exactly WWW LLC PSID e83c448240a2 Credits Mika Required...

7.5CVSS6.4AI score0.02036EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2023/03/27 10:15 p.m.6 views

CVE-2022-40600

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

6.5AI score
Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.24 views

CVE-2022-40600

CVE-2022-40600 entry is rejected/not used and does not represent an active vulnerability.

7.3AI score
Exploits0
Rows per page
Query Builder