128 matches found
CVE-2026-24950 WordPress Authorsy plugin <= 1.0.6 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Authorsy: from n/a through <= 1.0.6...
CVE-2022-50686 Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure
An information disclosure vulnerability in Kentico Xperience allows attackers to view sensitive stack trace details via Portal Engine form control error messages. Detailed error messages can expose internal system information and potentially reveal implementation details to unauthorized users...
PT-2025-52308
Name of the Vulnerable Software and Affected Versions: Kentico Xperience (affected versions not specified). Description: An information disclosure issue exists in Kentico Xperience. Attackers can view sensitive stack trace details through Portal Engine form control error messages. This disclosure of...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986378)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986378 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccp_v4_err()/dccp_v6_err() again. dh->dccph_x is the 9th byte (offset 8) in "struct dccp_hdr", not in...
EUVD-2025-24560
Malicious code in bioql PyPI...
CVE-2025-8671
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...
UBUNTU-CVE-2025-8671
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) due to incorrect stream accounting in the handling of server-sent stream resets. An attacker can cause excessive server resource consumption by rapidly opening streams and triggering resets using malformed frames o...
ROS-20250729-04
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors...
The vulnerability of the LeAudioService service in Android operating systems allows a hacker to gain access to read and modify data.
The vulnerability of the LeAudioService service on Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain access to read and modify data...
The vulnerability of the IsemTelephony service in Android operating systems allows attackers to gain unauthorized access to protected information.
The vulnerability of the IsemTelephony service in Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the user interface of Juniper Networks Junos OS allows an attacker to trigger a service failure.
The vulnerability of the user interface of Juniper Networks Junos OS is related to access control errors. Exploiting this vulnerability can allow a perpetrator to cause service interruptions...
The vulnerability of the JDBC component of the Oracle Database Server database management system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the JDBC component of the Oracle Database Server database management system is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors, which allow attackers to escalate their privileges.
The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the “Tekon” SCADA system, related to errors in access control, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the “Tekon” SCADA system is related to access control errors. Exploiting this vulnerability could allow an intruder operating remotely to gain unauthorized access to protected information...