Lucene search
K

11 matches found

CVE
CVE
added 2026/06/12 5:12 p.m.16 views

CVE-2026-47225

Type: CVE-2026-47225 affects Typesense search engine. A cache isolation flaw in versions prior to 29.1 and 30.2 affects requests that use both server-side search result caching and Scoped Search API Keys. Under certain request ordering, cached results could be reused across requests with differen...

6CVSS5.3AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.13 views

PT-2026-48945

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS5.2AI score0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 5:5 p.m.5 views

CVE-2026-40584

RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/api/genericapi.py. Because the code removes elements from a list while iterating over it, entries...

6.9CVSS5.8AI score0.00276EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1150

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00805EPSS
Exploits0References5
OSV
OSV
added 2022/02/11 4:15 p.m.18 views

CVE-2020-13676

The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...

6.5CVSS6.3AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/02/11 4:15 p.m.26 views

CVE-2020-13676

The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...

6.5CVSS6.6AI score0.00805EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/02/11 12:0 a.m.4 views

PT-2022-8503 · Drupal · Drupal Quickedit Module

Name of the Vulnerable Software and Affected Versions: Drupal QuickEdit module affected versions not specified Description: The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the...

6.5CVSS6.1AI score0.00805EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2021/09/16 12:0 a.m.18 views

Drupal 8.x < 8.9.19, 9.x < 9.1.13, 9.2.x < 9.2.6 Multiple Vulnerabilities (SA-CORE-2021-006, SA-CORE-2021-007, SA-CORE-2021-008, SA-CORE-2021-009, SA-CORE-2021-010) - Linux

Drupal is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.01236EPSS
Exploits0References5
NVD
NVD
added 2021/06/24 2:15 p.m.8 views

CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

3.1CVSS0.00605EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/01/19 6:32 p.m.38 views

MTN Group: OTP bypass - Unintended disclosure of OTP to client allows attacker to manage users' subscriptions

Summary: https://play.mtn.co.za/ authenticates subscribers via OTP before their subscriptions to be changed. However, the request which sends the OTP also returns the OTP in the network response, allowing an attacker to manage a user's usbscriptions. Steps To Reproduce: 1. Visit...

0.6AI score
Exploits0
NVD
NVD
added 2018/03/14 6:29 p.m.11 views

CVE-2018-7496

An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure...

5.3CVSS5.3AI score0.01273EPSS
Exploits0References2
Rows per page
Query Builder