Lucene search
K

2981 matches found

Chainguard
Chainguard
added 2026/04/10 2:13 a.m.4 views

GHSA-P5VH-P63C-CG4V vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-azure, linux-gcp, linux-vmware, linux-aws...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.5 views

CVE-2026-23138 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-azure, linux-gcp, linux-vmware, linux-aws...

5.5CVSS5.9AI score0.00122EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/10 12:0 a.m.3 views

CVE-2026-33455

Livestatus injection in the monitoring quicksearch in Checkmk 2.5.0b4 allows an authenticated attacker to inject livestatus commands via the search query due to insufficient input sanitization in search filter plugins...

6.3CVSS5.8AI score0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/09 6:30 a.m.5 views

EUVD-2026-20843

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

9.8CVSS6.7AI score0.03092EPSS
Exploits3References5
NVD
NVD
added 2026/04/09 5:16 a.m.4 views

CVE-2026-1830

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

9.8CVSS0.03092EPSS
Exploits3References4
CVE
CVE
added 2026/04/09 3:25 a.m.18 views

CVE-2026-1830

The CVE concerns the WordPress plugin Quick Playground (version range: all up to 1.3.1). The vulnerability arises from insufficient authorization checks on REST API endpoints that expose a sync code and permit arbitrary file uploads, enabling unauthenticated Remote Code Execution . Attackers coul...

9.8CVSS6.7AI score0.03092EPSS
Exploits3References4
Vulnrichment
Vulnrichment
added 2026/04/09 3:25 a.m.3 views

CVE-2026-1830 Quick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File Upload

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

9.8CVSS6.7AI score0.03092EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2026/04/09 3:25 a.m.7 views

CVE-2026-1830

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

9.8CVSS6.7AI score0.03092EPSS
Exploits3References5
Cvelist
Cvelist
added 2026/04/09 3:25 a.m.41 views

CVE-2026-1830 Quick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File Upload

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

9.8CVSS0.03092EPSS
Exploits3References4
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

WordPress plugin Quick Playground 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9.8CVSS6.2AI score0.03092EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.4 views

PT-2026-31577

Name of the Vulnerable Software and Affected Versions The Quick Playground plugin for WordPress versions up to and including 1.3.1 Description The Quick Playground plugin for WordPress is susceptible to Remote Code Execution due to inadequate authorization checks on REST API endpoints. These...

9.8CVSS6.6AI score0.03092EPSS
Exploits3References14
RedHat Linux
RedHat Linux
added 2026/04/07 4:8 p.m.3 views

Intel (R): From CVEorg collector

Missing protection mechanism for alternate hardware interface in the Intel® Quick Assist Technology for some Intel® Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of...

7.9CVSS5.8AI score0.00151EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2026/04/07 11:57 a.m.6 views

Traffic violation scams swap links for QR codes to steal your card details

As soon as people start to get to grips with a certain type of scam, criminals deploy new tactics to keep stealing money. Now people have learned to distrust links in text messages, scammers have changed the bait, and in 2026 the “new link” is often a QR code tucked inside a fake notice. The late...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/02 10:53 a.m.3 views

CVE-2026-24096

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

8.8CVSS5.9AI score0.00236EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/01 12:31 p.m.3 views

EUVD-2026-17867

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

5.3CVSS5.9AI score0.00236EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 11:15 a.m.6 views

CVE-2026-24096

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

8.8CVSS0.00236EPSS
Exploits0References1
OSV
OSV
added 2026/04/01 11:15 a.m.3 views

UBUNTU-CVE-2026-24096

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

8.8CVSS5.8AI score0.00236EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/01 11:15 a.m.5 views

CVE-2026-24096

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

8.8CVSS5.9AI score0.00236EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/01 10:7 a.m.2 views

CVE-2026-24096 Insufficient permission validation on multiple REST API Quick Setup endpoints

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

5.3CVSS5.9AI score0.00236EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 10:7 a.m.14 views

CVE-2026-24096

CVE-2026-24096 affects Checkmk and stems from insufficient permission validation on multiple REST API Quick Setup endpoints. The vulnerability allows low-privileged users to perform unauthorized actions or obtain sensitive information in Checkmk 2.5.0 (beta) before 2.5.0b2 and 2.4.0 before 2.4.0p...

8.8CVSS5.9AI score0.00236EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder