Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/08 11:32 p.m.6 views

CVE-2026-3788

A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...

6.5CVSS6.1AI score0.0042EPSS
Exploits1References9
NVD
NVD
added 2026/03/08 4:16 p.m.12 views

CVE-2026-3748

A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitati...

8.8CVSS0.00482EPSS
Exploits1References9
CVE
CVE
added 2025/02/24 2:49 p.m.62 views

CVE-2025-27340

CVE-2025-27340 describes a CSRF vulnerability in the WordPress plugin F12-Profiler (versions up to 1.3.9). The issue allows unauthorized cross-site requests due to CSRF weaknesses in the plugin. Public references in the connected docs consistently identify the affected software as the F12-Profile...

5.4CVSS7.2AI score0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/24 12:0 a.m.4 views

PT-2025-7757 · Unknown · F12-Profiler

Name of the Vulnerable Software and Affected Versions: F12-Profiler versions 1.3.9 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized requests. Recommendations: For versions 1.3.9 and earlier, update to a version that contains a fix for th...

5.4CVSS9.4AI score0.0014EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/12/23 1:59 a.m.1 views

CVE-2023-7002 Backup Migration <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url

The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operati...

7.2CVSS7.4AI score0.45898EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2023/11/27 12:30 p.m.5 views

com.webank.wedatasphere.dss:dolphinscheduler-prod-metrics (>=1.1.0 <=1.2.2), org.apache.dolphinscheduler:dolphinscheduler-dist (>=2.0.0 <=2.0.9) +2 more potentially affected by CVE-2023-49068 via org.apache.dolphinscheduler:dolphinscheduler-api (>=1.3.9 <=3.0.6)

org.apache.dolphinscheduler:dolphinscheduler-api MAVEN version =1.3.9, =1.1.0, =2.0.0, =2.0.2, =1.3.9, =3.0.6 Source cves: CVE-2023-49068 Source advisory: OSV:GHSA-C6CG-73P3-973H...

7.5CVSS7.1AI score0.01052EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/11/19 12:0 a.m.5 views

PT-2020-5862 · Containerd +5 · Kubernetes Containerd +4

Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.3.9 and 1.4.3 Description: The issue is related to the improper exposure of the containerd-shim API to host network containers. Access controls for the shim's API socket verified that the connecting process had ...

9.8CVSS6.3AI score0.9857EPSS
Exploits40References116
Rows per page
Query Builder