Lucene search
K

12 matches found

CVE
CVE
added 2026/05/17 12:11 p.m.19 views

CVE-2018-25327

Joomla! Component Js Jobs 1.2.0 is affected by a Cross-Site Request Forgery vulnerability that allows attackers to perform state-changing actions without token validation. By tricking an administrator into visiting a malicious page, an attacker can target endpoints such as job.jobenforcedelete to...

6.9CVSS5.7AI score0.00143EPSS
Exploits0References4
OSV
OSV
added 2026/02/21 9:18 a.m.7 views

CVE-2026-27482 Ray: Dashboard DELETE endpoints allow unauthenticated browser-triggered DoS (Serve shutdown / job deletion)

Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable e.g., --dashboard-host=0.0.0.0, a web page via DNS rebinding o...

5.9CVSS5.6AI score0.00256EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.6 views

PT-2026-21334

Name of the Vulnerable Software and Affected Versions Ray versions 2.53.0 and below Description Ray’s dashboard HTTP server does not adequately protect DELETE requests, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable, a web page using DNS rebinding or...

6.5CVSS5.5AI score0.00256EPSS
Exploits1References18
GitLab Advisory Database
GitLab Advisory Database
added 2026/01/22 12:0 a.m.9 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.10 views

WordPress WP Job Portal plugin <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion vulnerability

Insecure Direct Object Reference to Authenticated Employer+ Arbitrary Job Deletion vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.6...

4.3CVSS5.4AI score0.00342EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-6405

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00454EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51596

Malicious code in bioql PyPI...

4.3CVSS9.2AI score0.00342EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.3 views

PT-2025-38253

Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description The /api/v1/jobs and /preheats endpoints in the Manager web UI are accessible without authentication. An unauthenticated adversary with network access to a Manager web UI can create, delete, and...

9.9CVSS6.6AI score0.02829EPSS
Exploits11References46
RedhatCVE
RedhatCVE
added 2025/05/22 11:6 p.m.7 views

CVE-2022-34815

A cross-site request forgery CSRF vulnerability in Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier allows attackers to accept pending requests, thereby renaming or deleting jobs...

4.3CVSS6.8AI score0.00454EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/01 7:21 a.m.8 views

CVE-2024-13429 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the 'jobenforcedelete' due to missing validation on a user controlled key. This makes it possib...

4.3CVSS4.5AI score0.00342EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/01 7:21 a.m.18 views

CVE-2024-13429 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the 'jobenforcedelete' due to missing validation on a user controlled key. This makes it possib...

4.3CVSS0.00342EPSS
Exploits0References2
OSV
OSV
added 2014/05/14 12:0 a.m.4 views

UBUNTU-CVE-2014-1740

Multiple use-after-free vulnerabilities in net/websockets/websocketjob.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion...

7.5CVSS7.4AI score0.01648EPSS
Exploits0References6
Rows per page
Query Builder