Lucene search
K

385 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/09 12:0 a.m.2 views

CVE-2025-70046

An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master...

5.8AI score0.00359EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/09 12:0 a.m.30 views

CVE-2025-70046

An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master...

0.00359EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 12:0 a.m.10 views

CVE-2025-70046

Technical details regarding CVE-2025-70046 are not publicly provided in the supplied connected documents. The records consistently reference CWE-829 and Miazzy oa-front-service master without specifics on affected components, versions, or mitigations.

9.8CVSS5.8AI score0.00359EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.5 views

CVE-2026-28135

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1052...

8.2CVSS5.9AI score0.00229EPSS
Exploits0References1
NVD
NVD
added 2026/03/05 6:16 a.m.17 views

CVE-2026-28135

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1052...

8.2CVSS0.00229EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:54 a.m.4 views

CVE-2026-28135 WordPress Royal Elementor Addons plugin <= 1.7.1052 - Other vulnerability Type vulnerability

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1052...

5.9AI score0.00229EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:54 a.m.5 views

CVE-2026-28135

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1049...

5.9AI score0.00229EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.43 views

CVE-2026-28135 WordPress Royal Elementor Addons plugin <= 1.7.1052 - Other vulnerability Type vulnerability

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1052...

8.2CVSS0.00229EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.9 views

PT-2026-23405

Name of the Vulnerable Software and Affected Versions WP Royal Royal Elementor Addons versions through 1.7.1049 Description The software contains a flaw related to the inclusion of functionality from an untrusted control sphere, potentially allowing access to functionality not properly constraine...

8.2CVSS5.9AI score0.00229EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/02 4:53 p.m.5 views

CVE-2025-47378 Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

7.1CVSS5.9AI score0.0007EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 4:53 p.m.23 views

CVE-2025-47378

CVE-2025-47378 is described as a cryptographic issue where a shared VM reference allows HLOS to boot the loader and access the certificate chain. Connected sources corroborate a cryptographic exposure affecting HLOS/boot chain components and reference related advisories from Red Hat and NCSC; how...

7.1CVSS5.9AI score0.0007EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/24 11:2 p.m.9 views

CVE-2026-3075

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...

5.3CVSS5.4AI score0.00304EPSS
Exploits0References1
NVD
NVD
added 2026/02/23 9:19 p.m.8 views

CVE-2026-3075

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...

5.3CVSS0.00304EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.9 views

PT-2026-21561

Name of the Vulnerable Software and Affected Versions Jeff Starr Simple Ajax Chat versions prior to 20251122 Description A flaw exists in Jeff Starr Simple Ajax Chat that allows retrieval of embedded sensitive data, potentially exposing sensitive system information to an unauthorized control...

5.2AI score0.00304EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.5 views

CVE-2026-25325

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through = 4.7.8...

5.3CVSS5.5AI score0.00316EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.5 views

CVE-2026-25389

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.3CVSS0.0024EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/18 3:31 p.m.8 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the Run Parameter values. An attacker can access information about the existence of job...

5.3CVSS5.7AI score0.00333EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/02/14 12:0 a.m.12 views

VulnCheck KEV: CVE-2026-0770

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS6.3AI score0.10371EPSS
In wildExploits8References3
RedhatCVE
RedhatCVE
added 2026/02/12 1:42 p.m.5 views

CVE-2025-9986

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation.This issue affects DIGIKENT: through 13092025...

8.2CVSS5.5AI score0.00217EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:34 a.m.2 views

CVE-2025-9986

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vadi Corporate Information Systems Ltd. Co. DIGIKENT allows Excavation. This issue affects DIGIKENT: through 13092025...

8.2CVSS5.5AI score0.00217EPSS
Exploits0References3
Rows per page
Query Builder