Lucene search
K

13 matches found

Patchstack
Patchstack
added 2026/05/27 5:18 p.m.15 views

WordPress Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking vulnerability

Cross-Site Request Forgery to Payment Account Hijacking vulnerability discovered by type5afe in WordPress Plugin Easy Digital Downloads versions = 3.6.7...

4.3CVSS5.8AI score0.00135EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/01/15 11:53 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ACME TLS certificates' automatic generation. An attacker can exhaust system resources by opening multiple connections, sending minimal ClientHello messages with acme-tls/1, an...

8.2CVSS6.6AI score0.00321EPSS
Exploits0References2
NVD
NVD
added 2026/01/15 11:15 p.m.8 views

CVE-2026-22045

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...

7.5CVSS0.00321EPSS
Exploits0References4
OSV
OSV
added 2026/01/15 10:44 p.m.4 views

CVE-2026-22045 Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...

5.9CVSS6.7AI score0.00321EPSS
Exploits0References6
CVE
CVE
added 2025/12/19 9:29 a.m.15 views

CVE-2025-14455

CVE-2025-14455 affects Image Photo Gallery Final Tiles Grid for WordPress. Public details in Wordfence report show an authenticated-by-design authorization bypass (Contributor+ and above) for gallery management actions, enabling deletion/modification/cloning of any user galleries. A fix exists in...

5.4CVSS5.5AI score0.00251EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/19 9:29 a.m.24 views

CVE-2025-14455 Image Photo Gallery Final Tiles Grid <= 3.6.7 - Missing Authorization to Authenticated (Contributor+) Gallery Management

The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.7. This is due to the plugin not properly verifying that a user is authorized to perform actions on gallery management functions. This makes it possible fo...

5.4CVSS0.00251EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.8 views

WordPress plugin Image Photo Gallery Final Tiles Grid 安全漏洞

...

5.4CVSS5.8AI score0.00251EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/19 12:0 a.m.4 views

PT-2024-19412 · Unknown · Jupyter Server +1

Name of the Vulnerable Software and Affected Versions: JupyterLab versions prior to 4.1.0b2 JupyterLab versions prior to 4.0.11 JupyterLab versions prior to 3.6.7 jupyter-server versions prior to 2.7.2 Description: JupyterLab is an extensible environment for interactive and reproducible computing...

7.6CVSS7.7AI score0.00665EPSS
Exploits0References18
OSV
OSV
added 2023/02/17 8:15 p.m.2 views

DEBIAN-CVE-2023-24809

NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" call command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgi...

5.5CVSS7.2AI score0.00235EPSS
Exploits0References1
Circl
Circl
added 2022/08/30 7:34 a.m.4 views

CVE-2022-36713

creationtimestamp| type| source ---|---|--- 2022-08-30 07:34:57+00:00| seen| https://t.me/cibsecurity/49025...

9.8CVSS8.7AI score0.00789EPSS
Exploits1References1
Circl
Circl
added 2022/05/17 10:27 p.m.5 views

CVE-2022-23671

creationtimestamp| type| source ---|---|--- 2022-05-17 22:27:42+00:00| seen| https://t.me/cibsecurity/42848...

7.5CVSS7.3AI score0.01198EPSS
Exploits0References1
OSV
OSV
added 2017/07/06 8:29 p.m.4 views

UBUNTU-CVE-2017-0691

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36724453...

5.5CVSS6.4AI score0.01019EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2010/07/24 12:12 a.m.4 views

Mozilla arbitrary free flaw

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...

10CVSS7.8AI score0.0413EPSS
Exploits1References4
Rows per page
Query Builder