Lucene search
K

428 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/30 9:29 a.m.4 views

CVE-2026-6498

The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and including, 2.7.16 This is due to the validpayment function using a PHP loose comparison == between the attacker-controlled paymentid POST parameter and the...

5.3CVSS5.4AI score0.00185EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.9 views

WordPress plugin Five Star Restaurant Reservations 数据伪造问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.7AI score0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.6 views

PT-2026-36086

Name of the Vulnerable Software and Affected Versions Five Star Restaurant Reservations versions prior to 2.7.17 Description A payment bypass exists due to PHP type juggling, which occurs when a loose comparison is used between different data types, potentially leading to unexpected true results...

5.3CVSS5.4AI score0.00185EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.3 views

SUSE SLES15 Security Update : kea (SUSE-SU-2026:1548-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1548-1 advisory. Update to release 2.6.5. Security issues fixed: - CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent,...

7.5CVSS5.8AI score0.01361EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 9:40 a.m.4 views

SUSE-SU-2026:1548-1 Security update for kea

This update for kea fixes the following issues: Update to release 2.6.5. Security issues fixed: - CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemonsbsc1260380. Other updates and bugfixes: - A null dereference is...

7.5CVSS5.8AI score0.01361EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/04/22 9:40 a.m.7 views

Security update for kea

This update for kea fixes the following issues: Update to release 2.6.5. Security issues fixed: CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemonsbsc1260380. Other updates and bugfixes: A null dereference is now ...

8.7CVSS5.8AI score0.01361EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

SUSE SLED15 / SLES15 Security Update : kea (SUSE-SU-2026:1378-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1378-1 advisory. Update to release 2.6.5: A large number of bracket pairs in a JSON payload directed to any endpoint would result in a...

7.5CVSS5.8AI score0.01361EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.14 views

PT-2026-33462

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper handling of GPU memory reservation protections allows software installed and run as a non-privileged user to conduct improper GPU system calls. This can...

7.3CVSS5.7AI score0.00099EPSS
Exploits0References5
OSV
OSV
added 2026/04/16 7:19 a.m.3 views

SUSE-SU-2026:1378-1 Security update for kea

This update for kea fixes the following issues: Update to release 2.6.5: A large number of bracket pairs in a JSON payload directed to any endpoint would result in a stack overflow, due to recursive calls when parsing the JSON. This has been fixed. CVE-2026-3608 bsc1260380 A null dereference is n...

7.5CVSS5.7AI score0.01361EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/04/16 7:19 a.m.8 views

Security update for kea

This update for kea fixes the following issues: Update to release 2.6.5: A large number of bracket pairs in a JSON payload directed to any endpoint would result in a stack overflow, due to recursive calls when parsing the JSON. This has been fixed. CVE-2026-3608 bsc1260380 A null dereference is n...

8.7CVSS7.3AI score0.01361EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.6 views

Atlassian Jira Service Management 5.15.2 < 10.3.18 / 10.4.0 < 11.3.3 (JSDSERVER-16530)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16530 advisory. - node-tar,a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3...

8.8CVSS6.3AI score0.00233EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/13 6:30 p.m.3 views

EUVD-2026-22000

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...

2.7CVSS5.9AI score0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/13 12:0 a.m.24 views

CVE-2026-36937

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...

0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/13 12:0 a.m.2 views

CVE-2026-36937

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...

5.9AI score0.00186EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/13 12:0 a.m.1 views

CVE-2026-36937

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/viewdetails.php...

2.7CVSS5.9AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

SourceCodester Online Resort Management System 安全漏洞

The SourceCodester Online Resort Management System is an open-source network-based application developed by SourceCodester. It provides online room reservations and can also be used as a simple website for resorts. Version 1.0 of the SourceCodester Online Resort Management System has a security...

2.7CVSS5.8AI score0.00186EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 1:40 p.m.7 views

Security Bulletin: Maximo AI Service uses tar-7.4.3.tgz which is vulnerable to CVE-2026-23745 and CVE-2026-23950.

Summary Maximo AI Service uses tar-7.4.3.tgz which is vulnerable to CVE-2026-23745 and CVE-2026-23950. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-23950 DESCRIPTION: node-tar,a Tar for Node.js, has a race condition...

8.8CVSS6.4AI score0.00334EPSS
Exploits3Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 5:4 p.m.3 views

CVE-2026-25327

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...

6.5CVSS5.8AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15643

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...

5.8AI score0.00209EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.5 views

CVE-2026-25327

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Five Star Restaurant Reservations: from n/a through = 2.7.9...

6.5CVSS0.00209EPSS
Exploits0References1
Rows per page
Query Builder