4805 matches found
Employee Records System 1.0 - Unauthenticated File Upload RCE
Employee Records System version 1.0 contains an unrestricted file upload vulnerability in uploadID.php that allows remote unauthenticated attackers to upload arbitrary PHP files and achieve remote code execution. id: CVE-2021-4462 info: name: Employee Records System 1.0 - Unauthenticated File...
Malicious code in ipa-user-collector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f6740d6a9e24bf6219b8f1c07ef005df676552e1b9656d5e0b1c7b6cfc6f3086 During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...
CVE-2026-58580
LobeChat through 2.2.9 server-database deployments are vulnerable to broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS and updateTranslate methods filter target rows by message id alone, omitting the userId scope that sibli...
netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...
Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing
A flaw was found in Apache ZooKeeper. The ZKTrustManager component's hostname verification process can fall back to reverse DNS PTR lookup when IP Subject Alternative Name SAN validation fails. This vulnerability allows an attacker who can control or spoof PTR records to impersonate ZooKeeper...
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...
CVE-2026-14440 Cloudflare Universal SSL automatically managed CAA RRset supersedes customer-configured CAA records
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...
CVE-2026-14440
Summary: CVE-2026-14440 concerns Cloudflare’s Universal SSL: automatic, permissive CAA RRset management on Universal SSL zones supersedes customer CAA records. When customers push stricter CAA via RFC 8657 accounturi or validationmethods, CAs do not observe those parameters during RFC 8659 evalua...
CVE-2026-12904
The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the...
CVE-2026-12904 Kadence Blocks <= 3.7.7 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Optimizer Data Deletion/Read/Modification via 'post_path' Parameter
The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the...
EUVD-2026-40890
The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the...
EUVD-2026-40417
An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...
CVE-2026-52868
An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...
CVE-2026-52868
The CVE-2026-52868 issue is a path traversal vulnerability in the OFFIS DCMTK Toolkit where an unauthenticated attacker can read worklist records stored outside the intended per-AE area, potentially crossing department/clinic data boundaries in multi-area deployments. Connected sources confirm th...
CVE-2026-52868 OFFIS DCMTK Toolkit Path Traversal
An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...
PT-2026-53994
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated attacker can perform a directory traversal to read worklist records from a directory outside the intended per-AE worklist storage area. In...
CVE-2026-57949
ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this ...
CVE-2026-57949 ruoyi-vue-pro - Missing Authorization in CRM Follow-up Record GET Endpoint
ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this ...
CVE-2026-56781 Teable - Unauthenticated Hidden Field Disclosure via Projection Parameter Override
Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...
EUVD-2026-40157
Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from shar...