8 matches found
CVE-2026-22390
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
EUVD-2025-36693
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
PT-2024-25343 · Vitepos · Vitepos
Name of the Vulnerable Software and Affected Versions: Vitepos versions 3.0.1 and earlier Description: A Missing Authorization issue affects the software, allowing potential unauthorized access. The estimated number of potentially affected devices worldwide is not specified. There is no informati...
@anothersoftware/lotion-connect (>=0.1.23 <=0.1.24), @beaker/core (>=1.0.0 <=3.0.2) +371 more potentially affected by CVE-2021-23386 via dns-packet (>=3.0.1 <=5.2.1)
dns-packet NPM version =3.0.1, =0.1.23, =1.0.0, =1.0.0, =1.2.2, =2.0.6, =2.0.2, =0.0.1, =1.0.0, =1.0.1, =1.0.0, =0.0.1, =1.0.1, =1.0.1, =2.0.0, =2.2.0 and more Source cves: CVE-2021-23386 Source advisory: OSV:GHSA-3WCQ-X3MQ-6R9P...
PT-2021-14888 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 3.0.1 and later Description: An issue has been discovered in GitLab where improper access control allows demoted project members to access details on authored merge requests. Recommendations: For GitLab versions 3.0.1 and late...
UBUNTU-CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...
CVE-2017-10391
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish...
Oracle GlassFish Server Remote Security Vulnerability (CNVD-2017-00928)
Oracle GlassFish Server is the United States Oracle Oracle company's set of Java Platform, Java EE 6 specification can be realized solution. The program provides flexible, lightweight and ready to use for the development of applications Java EE 6 application server. A remote security vulnerabilit...