Lucene search
+L

22 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-45145

The PhonePe Payment Solutions WordPress plugin before 3.1.0 does not properly verify the authenticity of incoming payment callbacks: the secret used to validate the callback signature is empty on sites configured through the current setup flow, so the expected signature reduces to an unkeyed hash...

7.5CVSS5.4AI score0.00137EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-11575

The PhonePe Payment Solutions WordPress plugin before 3.1.0 does not properly verify the authenticity of incoming payment callbacks: the secret used to validate the callback signature is empty on sites configured through the current setup flow, so the expected signature reduces to an unkeyed hash...

5.4AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.11 views

CVE-2026-28735

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 3:29 p.m.43 views

CVE-2026-34460 NamelessMC: OAuth callback `state` is not validated, allowing login CSRF / session swapping

NamelessMC is website software for Minecraft servers. In versions 2.2.4 and prior, the OAuth callback handling does not validate the state parameter server-side before exchanging the authorization code. This allows an attacker to capture a valid OAuth callback URL for their own account and cause ...

5.4CVSS0.00114EPSS
Exploits0References1
NVD
NVD
added 2026/05/22 5:16 p.m.17 views

CVE-2026-28735

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...

5.4CVSS0.00138EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/22 4:26 p.m.11 views

CVE-2026-28735 GitHub OAuth Scope Validation

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-42799

Name of the Vulnerable Software and Affected Versions Mattermost version 11.6.0 Mattermost version 11.5.3 Mattermost version 11.4.4 Mattermost version 10.11.14 Description An issue exists where the software fails to validate the OAuth token scope during the callback process. This allows an...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a NULL pointer dereferencing in dcn401inithw. dcn401inithw assumes that updatebwboundingbox is valid when entering the update path. However, the current condition: !fams2enable && updatebwboundingbox ||...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References1
OSV
OSV
added 2026/05/08 2:16 p.m.11 views

UBUNTU-CVE-2026-43337

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401inithw dcn401inithw assumes that updatebwboundingbox is valid when entering the update path. However, the existing condition: !fams2enable && updatebwboundingbox || freqchang...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:31 p.m.8 views

CVE-2026-43337

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401inithw dcn401inithw assumes that updatebwboundingbox is valid when entering the update path. However, the existing condition: !fams2enable && updatebwboundingbox || freqchang...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/08 1:31 p.m.4 views

CVE-2026-43337 drm/amd/display: Fix NULL pointer dereference in dcn401_init_hw()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401inithw dcn401inithw assumes that updatebwboundingbox is valid when entering the update path. However, the existing condition: !fams2enable && updatebwboundingbox || freqchang...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.19 views

PT-2026-38988

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401 init hw dcn401 init hw assumes that update bw bounding box is valid when entering the update path. However, the existing condition: !fams2 enable && update bw bounding box |...

5.7AI score0.00112EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 9:34 p.m.9 views

GHSA-FCX8-PH5R-MXR4 Flight has reflected XSS through an unvalidated JSONP callback in Flight::jsonp()

Summary Flight::jsonp concatenates the ?jsonp= query parameter directly into an application/javascript response body without validating that the value is a legal JavaScript identifier. An attacker can inject arbitrary JavaScript that executes in the response origin, enabling reflected cross-site...

8.6CVSS5.9AI score0.00341EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-38270

Name of the Vulnerable Software and Affected Versions Flight versions prior to 3.18.1 Description The Flight::jsonp function concatenates the jsonp query parameter directly into an application/javascript response body without validating if the value is a legal JavaScript identifier. This allows a...

8.6CVSS5.8AI score0.00341EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/24 4:9 p.m.9 views

CVE-2026-29091

A flaw was found in Locutus, a project that brings standard libraries of other programming languages to JavaScript. A remote attacker could exploit an insecure implementation of the calluserfuncarray function, which fails to properly validate all components of a callback array before passing them...

8.1CVSS6AI score0.00786EPSS
Exploits1References5
Snyk
Snyk
added 2026/03/09 5:24 p.m.4 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via improper validation of the redirecturi parameter. An attacker can intercept authorization codes by crafting a malicious authorization link that leverages userinfo/host confusion, causing the code to be sent to an...

7.1CVSS5.8AI score0.00204EPSS
Exploits0References2
NVD
NVD
added 2026/02/17 5:16 a.m.8 views

CVE-2026-2592

The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all versions up to and including 5.0.16. This is due to the payment callback handler 'ReturnfromZarinPalGateway' failing to validate that the authority token provided in...

7.7CVSS0.00296EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.11 views

PT-2024-15967 · WordPress · Rover Idx Plugin

Name of the Vulnerable Software and Affected Versions: Rover IDX plugin for WordPress versions up to and including 3.0.0.2905 Description: The issue arises from insufficient validation and capability check on the rover idx refresh social callback function, allowing authenticated attackers with...

8.8CVSS6.7AI score0.00535EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2024/05/15 9:41 p.m.16 views

FOSRestBundle issue with broken validation of JSONP callbacks

Starting with FOSRestBundle 1.2 we switched to using willdurand/jsonp-callback-validator for validation of JSONP callbacks. However the change was implemented incorrectly validating the callback query param name, rather than its value. Anyone using the JSONP handler which is off by default togeth...

7.2AI score
Exploits0References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/01/21 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-1020

The Product Table for WooCommerce wooproducttable WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wptadminupdatenoticeoption AJAX action available to both unauthenticated and authenticated users, as well as does not validate the callback parameter,...

9.8CVSS7.3AI score0.26586EPSS
Exploits2References1
Rows per page
Query Builder