21946 matches found
CVE-2024-43820

creationtimestamp| type| source
---|---|---
2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...

CVE-2025-40290

creationtimestamp| type| source
---|---|---
2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/
2026-04-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260408...

CVE-2026-5333

creationtimestamp| type| source
---|---|---
2026-04-02 14:04:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mijeqgfei427
2026-04-02 15:21:36+00:00| seen| Telegram/c85hrsWNyFYwFes4s7T57trjOQm7U5y5MEbFlOtoT8A7NA
2026-04-08 05:40:09+00:00| seen|...

mariadb: MariaDB Server Crash via Item_direct_view_ref
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to crash the database via Item_direct_view_ref::derived_field_transformer_for_where...
BELL-CVE-2026-23410
Bulletin has no description...
CVE-2026-4947
Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially...
RHEL 8 : mariadb:10.11 (RHSA-2026:6435)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6435 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Deni...
acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +370 more potentially affected by unknown CVE via onnx (>=0.2.0 <=1.20.1)
onnx PYPI version =0.2.0, =0.1.0, =0.1.0, =0.0.0, =0.0.157, =0.1.0, =0.1.8, =1.7.0, =1.3.0, =0.10.0, =0.3.1, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-Q56X-G2FJ-4RJ6...
CVE-2026-2287

creationtimestamp| type| source
---|---|---
2026-04-01 23:26:42+00:00| seen| Telegram/jbWMrWY3kup1vLwq2L3T9QUurzdP-pS58MJjOuG7oT4-o...

CVE-2026-34567

creationtimestamp| type| source
---|---|---
2026-04-01 22:05:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mihp67z6nt2s
2026-04-01 22:06:50+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-r33w-c82v-x5v7
2026-04-01 23:27:52+00:00| seen|...

@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +77 more potentially affected by CVE-2026-34749 via payload (>=0.12.3 <=3.79.0)
payload NPM version =0.12.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =1.0.0, =1.0.6, =1.0.0, =0.1.0, =1.0.0, =1.1.29 - @linkshop/ui-components =1.0.1 and more Source cves: CVE-2026-34749 Source advisory: OSV:GHSA-P6MR-XF3R-GHQ4...
CVE-2026-34455

creationtimestamp| type| source
---|---|---
2026-04-01 20:50:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mihkynlnrb2n
2026-04-01 23:26:58+00:00| seen| Telegram/lZIbbZM6hBayBvqPlVKcR-m9kDIyKTvGCXDWINXAPChKhQ...

CVE-2026-3139
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.15.5 via the wppb_save_avatar_value function due to missing validation on a user-controlled key...
CVE-2026-4400
Insecure Direct Object Reference (IDOR) vulnerability in 1millionbot Millie chat that allows private conversations of other users to be viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/' and, if exploited, coul...
UBUNTU-CVE-2026-23410
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference. There is a race condition that leads to a use-after-free situation: because the rawdata inodes are not refcounted, an attacker can start opening one of the rawdata files, and at the same...
EUVD-2026-17767
Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially...
MINI-RQR5-C946-PGPC
Bulletin has no description...
MINI-M56J-WXF2-RCPM
Bulletin has no description...
CVE-2026-4947
Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially...
CVE-2026-4947
Foxit eSign was affected by an insecure direct object reference (IDOR) in the signing invitation acceptance flow. The root cause was insufficient authorization validation on referenced resources during request processing, potentially allowing an attacker to access or modify unauthorized resources...