CVE-2026-47351

CVE-2026-47351 (TYPO3 CMS) describes a broken access control in the backend clipboard. Users with backend access could insert arbitrary records and files into the clipboard without proper read-permission checks, enabling them to gather information about records and files they were not authorized ...

CVE-2026-2301

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicatepost function in includes/api.php using $wpdb-insert directly to the wppostmeta table instead of WordPress's...

CVE-2026-2301 Post Duplicator <= 3.0.8 - Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicatepost function in includes/api.php using $wpdb-insert directly to the wppostmeta table instead of WordPress's...

EUVD-2021-33399

Malicious code in bioql PyPI...

EUVD-2023-43142

Malicious code in bioql PyPI...

Oracle WebLogic Server Core Component Input Validation Error Vulnerability

Oracle WebLogic Server is a product of Oracle Corporation. Oracle WebLogic Server is an application services middleware for cloud and traditional environments that provides a modern, lightweight development platform that supports the entire lifecycle management of applications from development to...

CVE-2021-46742

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability...

CVE-2021-46742

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability...

Design/Logic Flaw

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability...

CVE-2021-46742

The CVE-2021-46742 entry concerns Huawei HarmonyOS’s multi-window module, where unauthorized insertion and tampering of Settings.Secure data could affect availability. Public details in the documents indicate this affects HarmonyOS components related to the multi-window module, with no explicit e...

CVE-2021-46742

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability...

TYPO3 Multiple Cross-Site Scripting Vulnerabilities (Jan 2016)

TYPO3 is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3";...

IBM DB2 9.7 < Fix Pack 9 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.7 running on the remote host is prior to Fix Pack 9. It is, therefore, affected by one or more of the following vulnerabilities : - The included software, GSKit, contains several errors related to SSL and TLS that can result in denial of...