Lucene search
K

343 matches found

Patchstack
Patchstack
added 2026/05/15 11:56 p.m.12 views

WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin WP Document Revisions versions = 3.8.1...

7.5CVSS5.8AI score0.00232EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.11 views

CVE-2026-44197

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

6.5CVSS5.8AI score0.00204EPSS
Exploits0References1
Amd
Amd
added 2026/05/12 12:0 a.m.16 views

Quality-of-Service Feature Side Channels

Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/11 7:33 p.m.13 views

GHSA-CRMX-4P49-46M2 MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked

MantisBT allows a bugnote author to access the note's Revisions page after losing access to the parent private issue. Impact Disclosure of the private Issue's Id and Summary. The bugnote full revision body remains secure. Patches - 71df1f67e05b2050cd4bd87839e6cc13747cf03f Workarounds None Credits...

5.3CVSS5.8AI score0.00372EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/11 7:33 p.m.7 views

Information Exposure

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Information Exposure in the Revisions page for bugnotes after access to the parent private issue has been revoked. An attacker can obtain the private issue's ID and summary by accessing the...

5.3CVSS5.7AI score0.00372EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 4:17 p.m.42 views

CVE-2026-44197

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

6.5CVSS0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 2:39 p.m.56 views

CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

6.5CVSS0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 2:39 p.m.12 views

CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

6.5CVSS5.8AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.10 views

PT-2026-39879

Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description A bugnote author can access the Revisions page of a note even after losing access to the parent private issue. This leads to the disclosure of the private issue's ID and summary,...

5.3CVSS5.8AI score0.00372EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27709

In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models at least with a warning, and unknown revisions of those which we do know, as although things do...

5.7AI score0.00139EPSS
Exploits0References7
CVE
CVE
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43150

The CVE-2026-43150 issue affects the Linux kernel’s perf/arm-cmn component, where the kernel now rejects unsupported CMN hardware configurations. The root cause is the kernel’s prior assumptions about maximum sizes and counts for CMN models and revisions, which could allow larger or unknown confi...

7.8CVSS5.7AI score0.00139EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.31 views

CVE-2026-43150 perf/arm-cmn: Reject unsupported hardware configurations

In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models at least with a warning, and unknown revisions of those which we do know, as although things do...

7.8CVSS0.00139EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.14 views

Evolution of Log-Based Detection Rules in Public Repositories

Log-based detection rules remain central to modern security operations, encoding domain expertise that analysts iteratively refine to balance detection coverage against alert volume. Yet while prior work has examined the evolution of network intrusion detection signatures, the longitudinal behavi...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37490

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel fails to properly reject unsupported hardware configurations in the perf/arm-cmn component. By accepting unknown Coherent Mesh Network CMN models and revisions, the syst...

7.8CVSS7AI score0.00139EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/13 5:11 p.m.21 views

CVE-2025-3756 Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850

A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication...

7.1CVSS0.00184EPSS
Exploits0References1
Fedora
Fedora
added 2026/04/08 12:54 a.m.10 views

[SECURITY] Fedora 43 Update: rauc-1.15.2-1.fc43

RAUC is a lightweight update client that runs on your Embedded Linux device and reliably controls the procedure of updating your device with a new firmwa re revision. RAUC is also the tool on your host system that lets you create, inspect and modify update artifacts for your device. Service is no...

7.2CVSS5.9AI score0.00141EPSS
Exploits0
OSV
OSV
added 2026/04/04 6:12 a.m.3 views

GHSA-MVV8-V4JJ-G47J Directus: Sensitive fields exposed in revision history

Summary Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline, sensitive fields including user tokens, two-factor authentication secrets, external auth...

6.5CVSS5.8AI score0.0017EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.4 views

CVE-2026-33887

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, authenticated Control Panel users could view entry revisions for any collection with revisions enabled, regardless of whether they had the required collection permissions. This bypasses the...

5.4CVSS5.8AI score0.00142EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/28 12:27 a.m.5 views

SUSE CVE-2026-32692

An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret revisions. With sufficient information, an attacker can poison any existing secret revision within...

7.6CVSS5.9AI score0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/03/27 9:17 p.m.5 views

CVE-2026-33887

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, authenticated Control Panel users could view entry revisions for any collection with revisions enabled, regardless of whether they had the required collection permissions. This bypasses the...

5.4CVSS0.00142EPSS
Exploits0References1
Rows per page
Query Builder