
18 matches found

CNNVD
added 2026/04/18 12:0 a.m. | 9 views

iTerm2 Security Vulnerability

iTerm2 is a terminal emulator developed by George Nachman for Mac OS X. Versions of iTerm2 prior to 3.6.9 contained security vulnerabilities. These vulnerabilities stemmed from the possibility of executing code through DCS 2000p and OSC 135 data when displaying .txt files. This was because iTerm2...

CVSS 7.8 | AI score 5.9 | EPSS 0.00199
Exploits: 1 | References: 6

RedhatCVE
added 2026/04/07 11:1 p.m. | 6 views

CVE-2026-35474

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an open redirect was found in the WeGIA webapp. The redirect parameter is taken directly from $_GET with no URL validation or whitelist check, then used verbatim in a header("Location: ...") call. This vulnerability is fixed in 3.6.9...

CVSS 6.1 | AI score 5.8 | EPSS 0.00183
Exploits: 1 | References: 1

RedhatCVE
added 2026/04/07 11:1 p.m. | 5 views

CVE-2026-35475

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, the redirect parameter is taken directly from $_GET with no URL validation or whitelist check, then used verbatim in a header("Location: ...") call. This vulnerability is fixed in 3.6.9...

CVSS 6.1 | AI score 5.9 | EPSS 0.00186
Exploits: 1 | References: 1

CVE
added 2026/04/06 9:17 p.m. | 9 views

CVE-2026-35475

WeGIA (Web manager for charitable institutions) suffers an open redirect vulnerability prior to version 3.6.9. The redirect parameter is read directly from $_GET with no URL validation or whitelist, and is then used verbatim in a Location header, enabling potential redirection abuse. This is miti...

CVSS 6.1 | AI score 5.9 | EPSS 0.00186
Exploits: 1 | References: 1 | Affected Software: 1

ATTACKERKB
added 2026/04/06 9:13 p.m. | 3 views

CVE-2026-35474

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an open redirect was found in the WeGIA webapp. The redirect parameter is taken directly from $_GET with no URL validation or whitelist check, then used verbatim in a header("Location: ...") call. This vulnerability is fixed in 3.6.9...

CVSS 5.1 | AI score 5.8 | EPSS 0.00183
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2026/04/06 9:5 p.m. | 15 views

CVE-2026-35472

WeGIA (Web manager for charitable institutions) has an Open Redirect in the /WeGIA/controle/control.php endpoint, exploitable via the nextPage parameter when used with metodo=listarTodos and nomeClasse=EstoqueControle. The application does not validate/restrict nextPage, enabling redirects to arb...

CVSS 6.1 | AI score 6 | EPSS 0.00224
Exploits: 1 | References: 1 | Affected Software: 1

CNNVD
added 2026/04/06 12:0 a.m. | 9 views

WeGIA Input Validation Error Vulnerability

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation on the /WeGIA/controle/control.php endpoint, which did not...

CVSS 6.1 | AI score 5.8 | EPSS 0.00224
Exploits: 1 | References: 2

CNNVD
added 2026/04/06 12:0 a.m. | 9 views

WeGIA Input Validation Error Vulnerability

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter, which could lead to...

CVSS 6.1 | AI score 5.8 | EPSS 0.00224
Exploits: 1 | References: 2

Positive Technologies
added 2026/04/06 12:0 a.m. | 5 views

PT-2026-30734

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...

CVSS 5.1 | AI score 6 | EPSS 0.00224
Exploits: 1 | References: 2

CVE
added 2026/01/19 11:21 p.m. | 21 views

CVE-2025-15466

CVE-2025-15466 refers to the WordPress plugin Image Photo Gallery Final Tiles Grid (Lite) with a vulnerability caused by missing capability checks on multiple AJAX actions, affecting all versions up to and including 3.6.9. The issue enables authenticated attackers with Contributor-level access or...

CVSS 5.4 | AI score 5.5 | EPSS 0.00188
Exploits: 0 | References: 2

CNNVD
added 2025/12/18 12:0 a.m. | 3 views

OFFIS DCMTK Code Issue Vulnerability

OFFIS DCMTK is a collection of libraries and applications that implement most of the DICOM standards from OFFIS Germany. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...

CVSS 4.8 | AI score 4.3 | EPSS 0.00113
Exploits: 0 | References: 7

OSV
added 2025/12/13 4:16 p.m. | 2 views

DEBIAN-CVE-2025-14607

A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to...

CVSS 5.3 | AI score 6 | EPSS 0.00233
Exploits: 0 | References: 1

CNNVD
added 2025/02/18 12:0 a.m. | 3 views

DCMTK Security Vulnerability

DCMTK is a collection of libraries and applications that implement most of the DICOM standards from the DCMTK open source. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...

CVSS 6.5 | AI score 6.8 | EPSS 0.00312
Exploits: 0 | References: 2

CNNVD
added 2025/02/18 12:0 a.m. | 5 views

DCMTK Security Vulnerability

DCMTK is a collection of libraries and applications that implement most of the DICOM standards from the DCMTK open source. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...

CVSS 7.5 | AI score 6.3 | EPSS 0.00527
Exploits: 0 | References: 3

AstraLinux
added 2024/11/23 3:4 a.m. | 6 views

Astra Linux – Vulnerability in dcmtk

In DCMTK, versions prior to 3.6.9 have a segmentation fault due to an invalid DIMSE message...

CVSS 5.3 | AI score 6.6 | EPSS 0.00748
Exploits: 1 | References: 3

OSV
added 2024/06/04 5:57 a.m. | 1 view

BELL-CVE-2024-36935

Bulletin has no description...

CVSS 7.1 | AI score 7.2 | EPSS 0.00213
Exploits: 0 | References: 1

CNNVD
added 2024/03/13 12:0 a.m. | 3 views

WordPress Plugin SMS Alert Order Notifications Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 4.3 | AI score 6.6 | EPSS 0.00239
Exploits: 0 | References: 3

Positive Technologies
added 2020/03/10 12:0 a.m. | 6 views

PT-2022-8587

Name of the Vulnerable Software and Affected Versions: Moodle versions prior to 3.8.2; Moodle versions prior to 3.7.5; Moodle versions prior to 3.6.9; Moodle versions prior to 3.5.11. Description: The issue allows users to view the grade history report without proper restrictions. Specifically, users...

CVSS 4.3 | AI score 5.8 | EPSS 0.0054
Exploits: 0 | References: 8