13 matches found
WordPress Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking vulnerability
Cross-Site Request Forgery to Payment Account Hijacking vulnerability discovered by type5afe in WordPress Plugin Easy Digital Downloads versions = 3.6.7...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ACME TLS certificates' automatic generation. An attacker can exhaust system resources by opening multiple connections, sending minimal ClientHello messages with acme-tls/1, an...
CVE-2026-22045
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...
CVE-2026-22045 Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...
CVE-2025-14455
CVE-2025-14455 affects Image Photo Gallery Final Tiles Grid for WordPress. Public details in Wordfence report show an authenticated-by-design authorization bypass (Contributor+ and above) for gallery management actions, enabling deletion/modification/cloning of any user galleries. A fix exists in...
CVE-2025-14455 Image Photo Gallery Final Tiles Grid <= 3.6.7 - Missing Authorization to Authenticated (Contributor+) Gallery Management
The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.7. This is due to the plugin not properly verifying that a user is authorized to perform actions on gallery management functions. This makes it possible fo...
WordPress plugin Image Photo Gallery Final Tiles Grid 安全漏洞
...
PT-2024-19412 · Unknown · Jupyter Server +1
Name of the Vulnerable Software and Affected Versions: JupyterLab versions prior to 4.1.0b2 JupyterLab versions prior to 4.0.11 JupyterLab versions prior to 3.6.7 jupyter-server versions prior to 2.7.2 Description: JupyterLab is an extensible environment for interactive and reproducible computing...
DEBIAN-CVE-2023-24809
NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" call command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgi...
CVE-2022-36713
creationtimestamp| type| source ---|---|--- 2022-08-30 07:34:57+00:00| seen| https://t.me/cibsecurity/49025...
CVE-2022-23671
creationtimestamp| type| source ---|---|--- 2022-05-17 22:27:42+00:00| seen| https://t.me/cibsecurity/42848...
UBUNTU-CVE-2017-0691
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36724453...
Mozilla arbitrary free flaw
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...