19 matches found
WordPress Court Reservation – Manage Your Court Bookings Online plugin <= 1.10.11 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by MD. TAREQ AHAMED JONY itztrq - Knight Squad in WordPress Plugin Court Reservation versions = 1.10.11...
CVE-2026-7474
HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability CVE-2026-7474 is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...
CVE-2026-7474
CVE-2026-7474 affects HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 through a path traversal vulnerability on the client host that can lead to code execution. The issue is fixed in Nomad 2.0.1, 1.11.5, and 1.10.11. Affected component is the client-side handling of dynamic host volumes, with...
CVE-2026-39675 WordPress Court Reservation plugin <= 1.10.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in webmuehle Court Reservation court-reservation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Court Reservation: from n/a through = 1.10.11...
FreeSWITCH < 1.10.11 DoS Vulnerability
FreeSWITCH is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ALPINE-CVE-2023-51443
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service...
CVE-2023-24999 Vault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation
HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above...
Cilium 安全漏洞
Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. A security vulnerability exists in Cilium versions prior to 1.9.16, 1.10.11, and 1.11.15, which ste...
Cilium安全漏洞
Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers or processes. A security vulnerability exists in Cilium versions prior to 1.9.16, 1.10.11, and 1.11.15. An attacke...
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected...
CVE-2021-29439
The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission admin.login can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitiv...
Design/Logic Flaw
The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission admin.login can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitiv...
CVE-2021-29439 Plugins can be installed with minimal admin privileges
The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission admin.login can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitiv...
PT-2021-18215 · Grav · Grav Admin Plugin
Name of the Vulnerable Software and Affected Versions: Grav admin plugin versions prior to 1.10.11 Description: The issue arises from incorrect verification of caller's privileges, allowing users with the admin.login permission to install third-party plugins and their dependencies. This can lead ...
PYSEC-2020-18
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at...
PYSEC-2020-18
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at...
Vectura Perfect Privacy VPN Manager Denial of Service Vulnerability
Vectura Perfect Privacy VPN Manager is a suite of anonymous VPN software. A security vulnerability exists in Vectura Perfect Privacy VPN Manager versions 1.10.10 and 1.10.11. A local attacker can exploit this vulnerability to cause a denial of service FrmAdvancedProtection component crash and...
wireshark: NCP dissector crashes (wnpa-sec-2014-22)
Stack-based buffer overflow in the buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service application crash via a crafted packet...
SuSE 11.3 Security Update : wireshark (SAT Patch Number 9968)
wireshark has been updated to version 1.10.11 to fix five security issues. These security issues have been fixed : - SigComp UDVM buffer overflow. CVE-2014-8710 - AMQP dissector crash. CVE-2014-8711 - NCP dissector crashes. CVE-2014-8712 / CVE-2014-8713 - TN5250 infinite loops CVE-2014-8714. This...