Lucene search
K

9 matches found

CVE
CVE
added 2026/05/09 7:16 p.m.24 views

CVE-2026-42333

CVE-2026-42333 affects Quarkus OpenAPI Generator. The issue: the generated authentication filter can match OpenAPI path templates too broadly, causing a security scheme for one operation to be applied to a different, similarly-named operation. This can cause bearer tokens, API keys, or basic cred...

6.3CVSS5.7AI score0.004EPSS
Exploits0References5
CVE
CVE
added 2026/03/20 4:3 a.m.17 views

CVE-2026-32947

Harden-Runner (CI/CD security agent for GitHub Actions runners) versions 2.15.1 and earlier are affected by a DNS over HTTPS (DoH) vulnerability that enables data exfiltration through permitted HTTPS endpoints by encoding data (e.g., hostname) in DoH subdomains. The attack requires the attacker t...

4.9CVSS6.2AI score0.00305EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/05 5:54 a.m.10 views

CVE-2026-28045

CVE-2026-28045 refers to a Local File Inclusion in the WordPress theme “N7 | Golf Club Sports & Events” by ThemeREX. The issue is described as an “Improper Control of Filename for Include/Require Statement in PHP Program,” affecting the theme up to version

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/02 11:27 a.m.4 views

WordPress N7 | Golf Club Sports & Events theme <= 2.16.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme N7 | Golf Club Sports & Events versions = 2.16.0...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.6 views

PT-2025-44793

Name of the Vulnerable Software and Affected Versions NextChat versions through 2.16.0 Description A directory traversal issue exists in NextChat due to the WebDAV proxy not properly handling dot path segments within its catch-all route. This allows attackers to potentially access sensitive...

7.5CVSS6.3AI score0.00835EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.4 views

Vulnerability-Lookup 跨站脚本漏洞

Vulnerability-Lookup is an open source Vulnerability-Lookup platform for managing disclosure of vulnerabilities. A cross-site scripting vulnerability exists in Vulnerability-Lookup version 2.16.0 that stems from insufficient cleanup of user input and could lead to a cross-site scripting attack...

6.4CVSS5.7AI score0.00185EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:34 a.m.4 views

CVE-2024-50541

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in overclokk Advanced Control Manager for WordPress by ItalyStrap advanced-control-manager allows Stored XSS.This issue affects Advanced Control Manager for WordPress by ItalyStrap: from n/a through =...

6.5CVSS5.9AI score0.00348EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.7 views

WordPress plugin Finale Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS8.8AI score0.00391EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.11 views

The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gdm-debuginfo-2.16.0 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out locally...

6.9CVSS5.4AI score0.00371EPSS
Exploits0References2
Rows per page
Query Builder