15 matches found
CVE-2026-42648
Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through = 2.19.22...
CVE-2026-42648
creationtimestamp| type| source ---|---|--- 2026-04-29 14:39:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkndbszbdj2q...
CVE-2026-42648
CVE-2026-42648 describes a Missing Authorization vulnerability in the Brainstorm Force Spectra ultimate-addons-for-gutenberg for WordPress, affecting versions up to and including 2.19.22. The issue arises from misconfigured access control, enabling an attacker to exploit insufficient authorizatio...
CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...
CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...
CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...
CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...
CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...
CVE-2024-42648
NanoMQ v0.22.10 contains a heap overflow in the handling of MQTT CONNECT messages, leading to a Denial of Service. The issue is evidenced across multiple sources (CVE-2024-42648) and specifically affects v0.22.10; no fix/version remediation is confirmed in the provided documents. The vulnerabilit...
CVE-2023-42648
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
CVE-2023-42648
creationtimestamp| type| source ---|---|--- 2023-11-01 13:22:02+00:00| seen| https://t.me/cibsecurity/73318...
CVE-2021-42648
creationtimestamp| type| source ---|---|--- 2022-05-11 22:34:25+00:00| seen| https://t.me/cibsecurity/42406...
CVE-2021-42648
Cross-site scripting XSS vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL...
CVE-2021-42648
Cross-site scripting XSS vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL...
CVE-2021-42648
Coder Code-Server is affected by a Cross-Site Scripting (XSS) vulnerability in versions before 3.12.0, exploitable via crafted URLs. Affected component: code-server frontend handling error messages; root cause: insufficient escaping of user-supplied input in error handling. Impact: arbitrary code...