Lucene search
+L

28 matches found

EUVD
EUVD
added 4 days ago8 views

EUVD-2026-43288

The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...

4.3CVSS6.2AI score0.0017EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 9:43 p.m.11 views

GHSA-X975-RGX4-5FH4 appium-mcp: Unescaped Locator Data XSS in MCP-UI Resource (createLocatorGeneratorUI)

Unescaped Locator Data XSS in MCP-UI Resource createLocatorGeneratorUI Summary appium-mcp's createLocatorGeneratorUI function interpolates attacker-controlled element attributes — text, content-desc, resource-id, and locator selector values — directly into an HTML template literal without any HTM...

8.2CVSS6.4AI score0.00276EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/16 11:41 p.m.10 views

Gitea: Authorization Bypass via "Allow edits from maintainers" allows unauthorized commits to any readable repo

Summary Any authenticated low-privilege user with read access to a repository can push arbitrary commits directly to that repository, bypassing all write-access checks. Vulnerability Gitea's "Allow edits from maintainers" PR option can be abused via reverse-fork PRs: 1. The web UI PR-create...

8.5CVSS5.5AI score0.00291EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/14 5:1 p.m.11 views

EUVD-2026-30345

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

5.8AI score0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 7:28 p.m.11 views

CVE-2026-28380 BAC in Snapshot API allows deletion of unauthorized dashboard snapshots

Any Editor could delete any snapshot, even if they have no access to read or write them...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/12 3:9 p.m.14 views

Decimal: Unbounded exponent in `Decimal.new` enables unauthenticated DoS

Summary decimal doesn't bound the exponent on parsed input, so something like "1e10000000" is parsed fine but then explodes the memory to more than 7GB if you run e.g. Decimal.addDecimal.parse"1e10000000", 1 because for positive exp, the function tail-recurses with coef 10 and exp - 1 per...

6.9CVSS5.8AI score0.00321EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/04/22 2:31 p.m.11 views

GHSA-9237-RG5P-RHFW @saltcorn/data: Tenant user role is used for tenant creation role check

Summary When a tenant admin is logged out of the root domain e.g., saltcorn.com but logged in to their own tenant space as admin, they can simply append /tenant/create to their tenant URL. The system reads the role from the tenant context admin, and a new tenant is created on the root domain in...

8.7CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.9 views

Temporal Server 安全漏洞

Temporal Server is a microservices orchestration platform developed by Temporal Corporation. There is a security vulnerability in Temporal Server. This vulnerability stems from the fact that users with the “Writer” role in the namespaces controlled by attackers can send signals, delete, and reset...

2.3CVSS5.9AI score0.00248EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.13 views

PT-2026-25283

CVE-2026-32437 Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects V… https://t.co/9JFCItlzb8...

5.3CVSS5.8AI score0.00243EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/07 7:59 a.m.5 views

CVE-2026-29073

SiYuan is a personal knowledge management system. Prior to version 3.6.0, the /api/query/sql lets a user run sql directly, but it only checks basic auth, not admin rights, any logged-in user, even readers, can run any sql query on the database. This issue has been patched in version 3.6.0...

8.8CVSS5.8AI score0.00323EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.6 views

Plane 代码问题漏洞

Plane is an open-source, self-hosted project planning tool developed by Plane OpenSource. Versions of Plane prior to 1.2.3 contained code vulnerabilities. These vulnerabilities stemmed from the Webhook URL validation only checking ip.isloopback, which could allow attackers with the ADMIN role to...

8.5CVSS5.9AI score0.00284EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202104

Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...

6.5CVSS6.5AI score0.003EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.5 views

Sunbird DCIM dcTrack 安全漏洞

Sunbird DCIM dcTrack is an asset monitoring management software from Sunbird DCIM. A security vulnerability exists in Sunbird DCIM dcTrack that stems from remote access feature abuse and could result in network traffic redirection...

7.4CVSS6.7AI score0.00299EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/19 5:23 p.m.13 views

CVE-2025-65028 Rallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant Votes

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference IDOR vulnerability allows any authenticated user to modify other participants’ votes in polls without authorization. The backend relies solely on the participantId parameter to...

6.5CVSS0.00229EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43805

Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through = 2.0.15...

8.8CVSS7AI score0.00301EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.5 views

PT-2025-38599

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments affected versions not specified Description The Vasion Print Virtual Appliance exposes network account credentials in clear-text within the...

8.6CVSS6.2AI score0.00319EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 8:20 a.m.5 views

CVE-2024-6692

The Easy Digital Downloads – Sell Digital Files & Subscriptions eCommerce Store + Payments Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Agreement Text value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escapin...

3.3CVSS5AI score0.00356EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/01/15 3:48 a.m.6 views

SUSE CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

8.4CVSS7.1AI score0.00237EPSS
Exploits0References3
OSV
OSV
added 2024/06/07 5:15 a.m.3 views

CVE-2024-4902

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘courseid’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existi...

7.2CVSS5.9AI score0.00495EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:42 p.m.7 views

AZL-42327 CVE-2024-3727 affecting package skopeo for versions less than 1.14.4-1

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

8.3CVSS6.6AI score0.01279EPSS
Exploits0References1
Rows per page
Query Builder