
48 matches found

RedhatCVE
added 2026/06/05 7:40 p.m., 9 views

CVE-2025-66105

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket Booking with Seat Reservation: from n/a before 5.6.8...

CVSS 5.3, AI score 5.4, EPSS 0.00171
Exploits 0, References 1
NVD
added 2026/05/14 7:16 a.m., 13 views

CVE-2026-3694

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the btbbbutton shortcode in all versions up to, and including, 5.6.8. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVSS 6.4, EPSS 0.00156
Exploits 0, References 2
NVD
added 2026/05/07 9:16 a.m., 20 views

CVE-2025-66105

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket Booking with Seat Reservation: from n/a before 5.6.8...

CVSS 5.3, EPSS 0.00171
Exploits 0, References 1
ATTACKERKB
added 2026/05/07 7:46 a.m., 6 views

CVE-2025-66105

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket Booking with Seat Reservation: from n/a before 5.6.8...

CVSS 5.3, AI score 5.8, EPSS 0.00171
Exploits 0, References 2
Cvelist
added 2026/05/07 7:46 a.m., 35 views

CVE-2025-66105 WordPress Bus Ticket Booking with Seat Reservation plugin < 5.6.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket Booking with Seat Reservation: from n/a before 5.6.8...

CVSS 5.3, EPSS 0.00171
Exploits 0, References 1
CNNVD
added 2026/05/07 12:0 a.m., 12 views

WordPress plugin Bus Ticket Booking with Seat Reservation security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

CVSS 5.3, AI score 5.8, EPSS 0.00171
Exploits 0, References 1
Tenable Nessus
added 2026/01/07 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000411 advisory. usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925...

CVSS 7.2, AI score 6.5, EPSS 0.00802
Exploits 1, References 3
Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-1382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the...

CVSS 7.1, AI score 6.3, EPSS 0.00659
Exploits 1, References 2
NVD
added 2024/01/08 2:15 p.m., 27 views

CVE-2024-21647

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limit the size of chunk extensions. Without this limit, an...

CVSS 7.5, AI score 6.5, EPSS 0.00958
Exploits 0, References 3
UbuntuCve
added 2024/01/08 2:15 p.m., 38 views

CVE-2024-21647

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limit the size of chunk extensions. Without this limit, an...

CVSS 7.5, AI score 6.6, EPSS 0.00958
Exploits 0, References 4
Prion
added 2024/01/08 2:15 p.m., 24 views

Design/Logic Flaw

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limit the size of chunk extensions. Without this limit, an...

CVSS 5, AI score 7.4, EPSS 0.00958
Exploits 0, References 2, Affected Software 1
OSSF Malicious Packages
added 2023/10/05 4:1 p.m., 4 views

Malicious code in f0-fpti-tracking-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e1d6cccf9ef65f34bdf293de4de123a77f8d39e6e7d1ec98fcaeb53ee57caedf The OpenSSF Package Analysis project identified 'f0-fpti-tracking-manager' @ 5.6.8 npm as malicious. It is considered malicious because: - The...

AI score 6.9
Exploits 0
SUSE CVE
added 2023/02/15 5:17 a.m., 3 views

SUSE CVE-2015-4600

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the 1...

CVSS 9.8, AI score 9.4, EPSS 0.10724
Exploits 5, References 10
SUSE CVE
added 2023/02/15 3:34 a.m., 2 views

SUSE CVE-2022-1297

Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash...

CVSS 9.1, AI score 7.7, EPSS 0.00862
Exploits 1, References 3
OSV
added 2023/02/03 5:15 a.m., 3 views

CVE-2023-25135

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors. The fixed versions a...

CVSS 9.8, AI score 7.6, EPSS 0.23926
Exploits 1, References 2
vulnersOsv
added 2022/11/01 12:0 p.m., 9 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.2 <=4.6.0.0), ai.ylyue:yue-library-auth-client (>=j11.2.6.0 <=j11.2.6.1) +1921 more potentially affected by CVE-2022-31692 via org.springframework.security:spring-security-core (>=5.6.0 <=5.6.8)

org.springframework.security:spring-security-core MAVEN version =5.6.0, =4.4.0.2, =j11.2.6.0, =j11.2.6.0, =1.3.1.RELEASE, =0.2.0, =0.8.3, =2.1.0.M8, =1.0.0, =2.7.0.Beta3, =2.7.0.Beta4, =2.7.0.Beta3, =2.7.0.Beta3, =2.7.0.Beta3, =2.7.0.RC1 and more Source cves: CVE-2022-31692 Source advisory:...

CVSS 9.8, AI score 6.7, EPSS 0.03425
Exploits 3
Positive Technologies
added 2022/10/31 12:0 a.m., 4 views

PT-2022-20890

Name of the Vulnerable Software and Affected Versions: Spring Security versions 5.6 through 5.6.8; Spring Security versions 5.7 through 5.7.4. Description: The issue allows a malicious user or attacker to modify a request initiated by the Client to the Authorization Server, potentially leading to a...

CVSS 8.1, AI score 7.2, EPSS 0.01011
Exploits 0, References 10
Spring Security Advisories
added 2022/10/24 7:0 a.m., 85 views

This Week in Spring - October 25th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! When last we spoke, I was in Las Vegas, NV, for the JavaOne show. It was amazing! I'm in sunny Singapore, then off to Malaysia and Thailand. It's the first time I've been to any of these places since 2019! How good it is to be...

AI score 4.8, EPSS 0.00604
Exploits 0
RedhatCVE
added 2022/05/20 11:55 p.m., 45 views

CVE-2022-1061

Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8...

CVSS 7.5, AI score 2.9, EPSS 0.00944
Exploits 1, References 1
vulnersOsv
added 2022/05/14 3:46 a.m., 7 views

com.day.cq:cq-personalization (>=5.4.0 <=5.6.8), org.apache.sling:org.apache.sling.servlets.post (>=2.1.0 <=3.0.2) potentially affected by CVE-2012-3353 via org.apache.sling:org.apache.sling.jcr.contentloader (>=2.0.4-incubator <=2.1.4)

org.apache.sling:org.apache.sling.jcr.contentloader MAVEN version =2.0.4-incubator, =5.4.0, =2.1.0, =3.0.2 Source cves: CVE-2012-3353 Source advisory: OSV:GHSA-WJP3-4XCQ-598P...

CVSS 7.5, AI score 7.1, EPSS 0.03143
Exploits 0