24 matches found
CVE-2026-10814
A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kvcatalog.go of the component Grantee ID Hash Handler. The manipulation leads to use of weak hash. The attack needs to be performed locally. The...
EUVD-2023-52795
Malicious code in bioql PyPI...
EUVD-2023-52794
Malicious code in bioql PyPI...
EUVD-2023-52792
Malicious code in bioql PyPI...
CVE-2024-45199
insightsoftware Hive JDBC through 2.6.13 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code executi...
CVE-2024-10174
The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'AbstractPermission' class due to missing validation on the 'useri...
CVE-2023-48759
Missing Authorization vulnerability in Crocoblock JetElements For Elementor. This issue affects JetElements For Elementor: from n/a through 2.6.13...
WordPress plugin JetElements For Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...
PT-2024-13645 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability. This means that there is a lack of proper authorization checks, potentially allowing unauthorized...
WordPress plugin JetElements For Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...
PT-2024-13644 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability in Crocoblock JetElements For Elementor. Recommendations: For versions 2.6.13 and earlier, update to a...
PT-2024-13643 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability in Crocoblock JetElements For Elementor. Recommendations: For versions 2.6.13 and earlier, update to a...
WordPress Mollie Forms Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Mollie Forms; Type: Plugin; Vulnerable versions: <= 2.6.13; Fixed in: 2.6.14; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-2368; Patch priority: Low; CVSS severity: Low (4.3); PSID: be4c386416af; Credits: Lucio Sá; Required...
CVE-2023-48762
Cross-Site Request Forgery (CSRF) vulnerability in Crocoblock JetElements For Elementor. This issue affects JetElements For Elementor: from n/a through 2.6.13...
PT-2023-30944 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue has been identified. This type of issue allows an attacker to trick a user into performing unintended actions on a web...
Vulnerabilities fixed in Rancher
Vulnerabilities have been fixed in Rancher. The vulnerability with reference CVE-2022-43760 allows a malicious person to perform a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the browser of the victim. The vulnerabilities marked...
SUSE CVE-2005-2800
Memory leak in the seqfile implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next iterator...
SUSE CVE-2007-0772
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer...
PT-2022-24037 · Smartrg · Smartrg Sr506N +1
Name of the Vulnerable Software and Affected Versions: SmartRG SR506n version 2.5.15; SmartRG SR510n version 2.6.13. Description: The issue allows for Remote Code Execution (RCE) via the ping host feature. Recommendations: For SmartRG SR506n version 2.5.15, consider disabling the ping host feature...
SmartRG Router 2.6.13 Remote Code Execution Exploit
Exploit Title: SmartRG Router - Remote Code Execution; Exploit Author: Yerodin Richards; Vendor Homepage: https://adtran.com; Version: 2.5.15 / 2.6.13 confirmed; Tested on: SR506n 2.5.15 & SR510n 2.6.13; CVE: CVE-2022-37661. import requests from subprocess import Popen, PIPE routerhost =...