Lucene search
K

1833 matches found

Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.7 views

PT-2026-30198

Name of the Vulnerable Software and Affected Versions mlflow/mlflow affected versions not specified Description The FastAPI job endpoints under /ajax-api/3.0/jobs/ in mlflow/mlflow are not protected by authentication or authorization when the basic-auth app is enabled. If job execution is enabled...

9.8CVSS7.8AI score0.04392EPSS
Exploits1References13
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

OpenPrinting CUPS 输入验证错误漏洞

OpenPrinting CUPS is an open-source printing system developed by OpenPrinting Corporation, suitable for Linux® and other Unix®-based operating systems. Versions of OpenPrinting CUPS prior to 2.4.16 contained a vulnerability related to input validation. This vulnerability occurred in network-expos...

7.5CVSS6.1AI score0.00502EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/01 11:37 p.m.5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the IO::FS::WRITE function. An attacker can write arbitrary files to unintended locations on the filesystem with attacker-controlled content by supplying crafted filenames containing traversal sequences, which ar...

8.8CVSS6.3AI score0.00514EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-30238

Name of the Vulnerable Software and Affected Versions CUPS versions 2.4.16 and prior Description A flaw exists in the CUPS printing system's cupsd daemon due to insufficient input validation when processing the textWithoutLanguage parameter. Successful exploitation allows a remote attacker to...

7.8CVSS6.4AI score0.00502EPSS
Exploits5References83
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.6 views

PT-2026-29811

Summary A path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a website that returns filenames containing ../ sequences, and uses those...

8.1CVSS6.5AI score0.00514EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/03/26 5:3 p.m.3 views

CVE-2026-23806

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15542

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...

5.8AI score0.00353EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.4 views

CVE-2026-23806

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...

7.5CVSS0.00353EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...

7.5CVSS5.9AI score0.00353EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-23806

CVE-2026-23806 corresponds to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin Jobs for WordPress, affecting versions through 2.8. The issue arises from incorrectly configured access control security levels, potentially enabling unauthorized access or actions ...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.26 views

CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...

7.5CVSS0.00353EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/24 12:30 p.m.5 views

EUVD-2019-20013

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...

8.8CVSS5.9AI score0.00327EPSS
Exploits1References4
NVD
NVD
added 2026/03/24 12:16 p.m.6 views

CVE-2019-25636

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...

8.8CVSS0.00327EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/24 11:27 a.m.2 views

CVE-2019-25636

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...

8.8CVSS5.9AI score0.00327EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.2 views

CVE-2019-25636 Zeeways Jobsite CMS Lastest SQL Injection via id Parameter

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...

8.8CVSS5.9AI score0.00327EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/24 11:27 a.m.22 views

CVE-2019-25636 Zeeways Jobsite CMS Lastest SQL Injection via id Parameter

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...

8.8CVSS0.00327EPSS
Exploits1References3
CVE
CVE
added 2026/03/24 11:27 a.m.8 views

CVE-2019-25636

Zeeways Jobsite CMS (CVE-2019-25636) contains an SQL injection vulnerability in the id parameter of the news_details.php, jobs_details.php, and job_cmp_details.php endpoints. The flaw allows unauthenticated attackers to manipulate database queries by injecting SQL code (including GROUP BY and CAS...

8.8CVSS5.9AI score0.00327EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.17 views

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.7.0 had code vulnerabilities. These vulnerabilities stemmed from incomplete SSRF protections, and the save endpoint did not apply the validatewebhookurlforssrf protection. This allowe...

7.7CVSS7.4AI score0.00282EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.4 views

PT-2026-27370

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to news details.php, jobs details.php, or job cmp details.php with malicious...

8.8CVSS5.9AI score0.00327EPSS
Exploits1References4
Veeam
Veeam
added 2026/03/24 12:0 a.m.6 views

How to Safely Perform Snapshot Rollback of Veeam Backup for Microsoft 365

Purpose This article provides step-by-step guidance for performing a snapshot rollback of a Veeam Backup for Microsoft 365 deployment in the event of a disaster. Critical Warning Rolling back to a snapshot is a complex and highly risky process that should only be performed in rare disaster...

5.9AI score
Exploits0Affected Software1
Rows per page
Query Builder