9 matches found
CVE-2026-42333
CVE-2026-42333 affects Quarkus OpenAPI Generator. The issue: the generated authentication filter can match OpenAPI path templates too broadly, causing a security scheme for one operation to be applied to a different, similarly-named operation. This can cause bearer tokens, API keys, or basic cred...
CVE-2026-32947
Harden-Runner (CI/CD security agent for GitHub Actions runners) versions 2.15.1 and earlier are affected by a DNS over HTTPS (DoH) vulnerability that enables data exfiltration through permitted HTTPS endpoints by encoding data (e.g., hostname) in DoH subdomains. The attack requires the attacker t...
CVE-2026-28045
CVE-2026-28045 refers to a Local File Inclusion in the WordPress theme “N7 | Golf Club Sports & Events” by ThemeREX. The issue is described as an “Improper Control of Filename for Include/Require Statement in PHP Program,” affecting the theme up to version
WordPress N7 | Golf Club Sports & Events theme <= 2.16.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme N7 | Golf Club Sports & Events versions = 2.16.0...
PT-2025-44793
Name of the Vulnerable Software and Affected Versions NextChat versions through 2.16.0 Description A directory traversal issue exists in NextChat due to the WebDAV proxy not properly handling dot path segments within its catch-all route. This allows attackers to potentially access sensitive...
Vulnerability-Lookup 跨站脚本漏洞
Vulnerability-Lookup is an open source Vulnerability-Lookup platform for managing disclosure of vulnerabilities. A cross-site scripting vulnerability exists in Vulnerability-Lookup version 2.16.0 that stems from insufficient cleanup of user input and could lead to a cross-site scripting attack...
CVE-2024-50541
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in overclokk Advanced Control Manager for WordPress by ItalyStrap advanced-control-manager allows Stored XSS.This issue affects Advanced Control Manager for WordPress by ItalyStrap: from n/a through =...
WordPress plugin Finale Lite 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the gdm-debuginfo-2.16.0 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out locally...