343 matches found
WordPress WP Document Revisions plugin <= 3.8.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin WP Document Revisions versions = 3.8.1...
CVE-2026-44197
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...
Quality-of-Service Feature Side Channels
Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...
GHSA-CRMX-4P49-46M2 MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked
MantisBT allows a bugnote author to access the note's Revisions page after losing access to the parent private issue. Impact Disclosure of the private Issue's Id and Summary. The bugnote full revision body remains secure. Patches - 71df1f67e05b2050cd4bd87839e6cc13747cf03f Workarounds None Credits...
Information Exposure
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Information Exposure in the Revisions page for bugnotes after access to the parent private issue has been revoked. An attacker can obtain the private issue's ID and summary by accessing the...
CVE-2026-44197
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...
CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...
CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...
PT-2026-39879
Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description A bugnote author can access the Revisions page of a note even after losing access to the parent private issue. This leads to the disclosure of the private issue's ID and summary,...
EUVD-2026-27709
In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models at least with a warning, and unknown revisions of those which we do know, as although things do...
CVE-2026-43150
The CVE-2026-43150 issue affects the Linux kernel’s perf/arm-cmn component, where the kernel now rejects unsupported CMN hardware configurations. The root cause is the kernel’s prior assumptions about maximum sizes and counts for CMN models and revisions, which could allow larger or unknown confi...
CVE-2026-43150 perf/arm-cmn: Reject unsupported hardware configurations
In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models at least with a warning, and unknown revisions of those which we do know, as although things do...
Evolution of Log-Based Detection Rules in Public Repositories
Log-based detection rules remain central to modern security operations, encoding domain expertise that analysts iteratively refine to balance detection coverage against alert volume. Yet while prior work has examined the evolution of network intrusion detection signatures, the longitudinal behavi...
PT-2026-37490
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel fails to properly reject unsupported hardware configurations in the perf/arm-cmn component. By accepting unknown Coherent Mesh Network CMN models and revisions, the syst...
CVE-2025-3756 Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850
A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication...
[SECURITY] Fedora 43 Update: rauc-1.15.2-1.fc43
RAUC is a lightweight update client that runs on your Embedded Linux device and reliably controls the procedure of updating your device with a new firmwa re revision. RAUC is also the tool on your host system that lets you create, inspect and modify update artifacts for your device. Service is no...
GHSA-MVV8-V4JJ-G47J Directus: Sensitive fields exposed in revision history
Summary Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline, sensitive fields including user tokens, two-factor authentication secrets, external auth...
CVE-2026-33887
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, authenticated Control Panel users could view entry revisions for any collection with revisions enabled, regardless of whether they had the required collection permissions. This bypasses the...
SUSE CVE-2026-32692
An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret revisions. With sufficient information, an attacker can poison any existing secret revision within...
CVE-2026-33887
Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, authenticated Control Panel users could view entry revisions for any collection with revisions enabled, regardless of whether they had the required collection permissions. This bypasses the...