Pac4J JWT < 4.5.9 / 5.x < 5.7.9 / 6.x < 6.3.3 Authentication Bypass (CVE-2026-29000) (Direct Check)

Binary data pac4jjwtauthenticationbypasscve-2026-29000.nbin...

Vulnerability fixed in pac4j-jwt

Pac4j has fixed a vulnerability in the pac4j-jwt library specifically for versions before 4.5.9, 5.7.9 and 6.3.3. The vulnerability is located in the JwtAuthenticator module of the pac4j-jwt library. This vulnerability allows an attacker with access to the server's RSA public key to forge JWT...

Live Server 安全漏洞

Live Server is a local development server personally developed by Ritwick Dey. Version 5.7.9 of Live Server contains a security vulnerability, which stems from user interactions with specially crafted HTML pages, potentially leading to file leaks...

CVE-2025-65717

An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page...

ProfileGrid <= 5.7.8 - SQL Injection

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.7.8 due to insufficient escaping on the user supplied 'search' parameter and lack of sufficient preparation on the existing SQL query. id: CVE-2024-30490...

EUVD-2016-0634

Malware in sbrugna...

EUVD-2022-1799

Malicious code in bioql PyPI...

EUVD-2023-23644

Malicious code in bioql PyPI...

EUVD-2022-1619

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-0601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Partition. CVE-2016-0601...

Linux Distros Unpatched Vulnerability : CVE-2016-0503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a...

Linux Distros Unpatched Vulnerability : CVE-2016-0611

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to...

CVE-2024-32808

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9...

CVE-2022-24892

Shopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the password. This makes it possible for an attacker to take over the victim's account if they someh...

CVE-2022-24873

Shopware is an open source e-commerce software platform. Prior to version 5.7.9, Shopware is vulnerable to non-stored cross-site scripting in the storefront. This issue is fixed in version 5.7.9. Users of older versions may attempt to mitigate the vulnerability by using the Shopware security plug...

CVE-2024-32772 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9...

WordPress plugin ProfileGrid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin ProfileGrid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-24882 · Unknown · Metagauss Profilegrid

Name of the Vulnerable Software and Affected Versions: Metagauss ProfileGrid versions through 5.7.9 Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. This allows for potential unauthorized access. Recommendations: For versions through 5.7.9,...

WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin ProfileGrid versions = 5.7.9...