Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/05/12 2:21 p.m.9 views

CVE-2026-42648

Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through = 2.19.22...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References1
Circl
Circl
added 2026/04/29 2:39 p.m.6 views

CVE-2026-42648

creationtimestamp| type| source ---|---|--- 2026-04-29 14:39:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkndbszbdj2q...

4.3CVSS4.8AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2026/04/29 10:40 a.m.13 views

CVE-2026-42648

CVE-2026-42648 describes a Missing Authorization vulnerability in the Brainstorm Force Spectra ultimate-addons-for-gutenberg for WordPress, affecting versions up to and including 2.19.22. The issue arises from misconfigured access control, enabling an attacker to exploit insufficient authorizatio...

4.3CVSS5.1AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/16 12:16 a.m.7 views

CVE-2024-42648

NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...

6.5CVSS7AI score0.00335EPSS
Exploits1References1
NVD
NVD
added 2025/07/14 5:15 p.m.6 views

CVE-2024-42648

NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...

6.5CVSS0.00335EPSS
Exploits1References2
OSV
OSV
added 2025/07/14 5:15 p.m.6 views

CVE-2024-42648

NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...

6.5CVSS6.9AI score0.00335EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/14 12:0 a.m.8 views

CVE-2024-42648

NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...

0.00335EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/14 12:0 a.m.3 views

CVE-2024-42648

NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service DoS via a crafted CONNECT message...

7.1AI score0.00335EPSS
Exploits1References2
CVE
CVE
added 2025/07/14 12:0 a.m.19 views

CVE-2024-42648

NanoMQ v0.22.10 contains a heap overflow in the handling of MQTT CONNECT messages, leading to a Denial of Service. The issue is evidenced across multiple sources (CVE-2024-42648) and specifically affects v0.22.10; no fix/version remediation is confirmed in the provided documents. The vulnerabilit...

6.5CVSS7.6AI score0.00335EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 2:1 a.m.6 views

CVE-2023-42648

In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

5.5CVSS6.3AI score0.0008EPSS
Exploits0References1
Circl
Circl
added 2023/11/01 1:22 p.m.6 views

CVE-2023-42648

creationtimestamp| type| source ---|---|--- 2023-11-01 13:22:02+00:00| seen| https://t.me/cibsecurity/73318...

5.5CVSS5.5AI score0.0008EPSS
Exploits0References1
Circl
Circl
added 2022/05/11 10:34 p.m.5 views

CVE-2021-42648

creationtimestamp| type| source ---|---|--- 2022-05-11 22:34:25+00:00| seen| https://t.me/cibsecurity/42406...

6.1CVSS6AI score0.00773EPSS
Exploits1References1
OSV
OSV
added 2022/05/11 6:15 p.m.11 views

CVE-2021-42648

Cross-site scripting XSS vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL...

6.1CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added 2022/05/11 5:34 p.m.18 views

CVE-2021-42648

Cross-site scripting XSS vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL...

6.3AI score0.00773EPSS
Exploits1References1
CVE
CVE
added 2022/05/11 5:34 p.m.88 views

CVE-2021-42648

Coder Code-Server is affected by a Cross-Site Scripting (XSS) vulnerability in versions before 3.12.0, exploitable via crafted URLs. Affected component: code-server frontend handling error messages; root cause: insufficient escaping of user-supplied input in error handling. Impact: arbitrary code...

6.1CVSS6.1AI score0.00773EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder