Lucene search
K

10 matches found

CVE
CVE
added 13 hours ago7 views

CVE-2026-24013

Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query handlers lack strict validation of the sessionId parameter. An attacker can construct requests with a forged sessionId and, without performing openSession authentication, receive valid query results. This...

9.1CVSS6AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libqb

In logblackbox.c in libqb before version 2.0.8, a buffer overflow can occur due to the use of long log messages, as the size of the log headers is not taken into consideration...

9.8CVSS8.2AI score0.00984EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/12 1:20 p.m.7 views

CVE-2025-10227

Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...

5.1CVSS6.3AI score0.00071EPSS
Exploits0References1
NVD
NVD
added 2025/09/10 1:15 p.m.5 views

CVE-2025-10227

Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...

5.1CVSS0.00071EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.4 views

WordPress plugin Products, Order & Customers Export for WooCommerce Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

9.8CVSS6.7AI score0.00402EPSS
Exploits0References2
OSV
OSV
added 2023/11/20 7:15 p.m.2 views

CVE-2023-5799

The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them...

5.4CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2023/08/08 6:15 a.m.1 views

UBUNTU-CVE-2023-39976

logblackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered...

9.8CVSS7.5AI score0.00984EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/01/23 12:0 a.m.3 views

WordPress plugin Optimize images ALT Text & names for SEO using AI 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Optimize...

6.5CVSS6.3AI score0.00332EPSS
Exploits2References2
OSV
OSV
added 2022/03/14 3:15 p.m.6 views

CVE-2022-0147

The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS6.4AI score0.01601EPSS
Exploits2References2
OSV
OSV
added 2019/09/03 10:15 p.m.0 views

CVE-2019-15898

Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page...

6.1CVSS6.4AI score0.016EPSS
Exploits1References2
Rows per page
Query Builder