Lucene search
+L

11 matches found

attackerkb
attackerkb
added 16 hours ago4 views

CVE-2026-12434

The List category posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.95.0 via the sanitizestatus. This makes it possible for authenticated attackers, with contributor-level access and above, to extract titles, full content, excerpts,...

4.3CVSS6.1AI score
Exploits0References7
euvd
euvd
added 16 hours ago4 views

EUVD-2026-44856

The List category posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.95.0 via the sanitizestatus. This makes it possible for authenticated attackers, with contributor-level access and above, to extract titles, full content, excerpts,...

4.3CVSS6.1AI score
Exploits0References6
vulnersosv
vulnersosv
added 2026/03/20 4:38 a.m.8 views

kaithem (=0.95.0) potentially affected by CVE-2026-32889 via tinytag (=2.2.0)

tinytag PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tinytag and may be impacted: - kaithem =0.95.0 Source cves: CVE-2026-32889 Source advisory: SNYK:PYTHON-TINYTAG-15763573...

6.5CVSS5.8AI score0.0041EPSS
Exploits1
osv
osv
added 2024/07/17 12:31 p.m.43 views

GHSA-6523-JF4R-C962 Apache StreamPipes has potential remote code execution (RCE) via file upload

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution RCE. The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache...

8.8CVSS9AI score0.01106EPSS
Exploits0References6
nvd
nvd
added 2024/07/17 10:15 a.m.35 views

CVE-2024-31411

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution RCE. The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache...

8.8CVSS0.01106EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/07/17 9:22 a.m.23 views

CVE-2024-31411 Apache StreamPipes: Potential remote code execution (RCE) via file upload

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution RCE. The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache...

8AI score0.01106EPSS
Exploits0References1
cvelist
cvelist
added 2024/07/17 9:22 a.m.26 views

CVE-2024-31411 Apache StreamPipes: Potential remote code execution (RCE) via file upload

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution RCE. The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache...

0.01106EPSS
Exploits0References1
pypa
pypa
added 2024/07/17 9:15 a.m.9 views

PYSEC-2024-174

Server-Side Request Forgery SSRF vulnerability in Apache StreamPipes during installation process of pipeline elements.Previously, StreamPipes allowed users to configure custom endpoints from which to install additional pipeline elements. These endpoints were not properly validated, allowing an...

7.5CVSS7.1AI score0.00738EPSS
Exploits0References4Affected Software1
pypa
pypa
added 2024/07/17 9:15 a.m.8 views

PYSEC-2024-172

Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache StreamPipes in user self-registration.This allows an attacker to potentially request the creation of multiple accounts with the same email address until the email address is registered, creating many identical users and...

5.3CVSS7AI score0.0066EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2024/07/17 9:1 a.m.29 views

CVE-2024-30471 Apache StreamPipes: Potential creation of multiple identical accounts

Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache StreamPipes in user self-registration. This allows an attacker to potentially request the creation of multiple accounts with the same email address until the email address is registered, creating many identical users and...

0.0066EPSS
Exploits0References1
susecve
susecve
added 2023/02/15 6:14 a.m.9 views

SUSE CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

4.6CVSS7AI score0.00451EPSS
Exploits1References3
Rows per page
Query Builder