36 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. This is only exploitable if the...
CVE-2025-66091
CVE-2025-66091 is a DOM-based XSS vulnerability in the WordPress plugin Stylish Cost Calculator (design stylish-cost-calculator) up to version
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Server: Optimizer component. A high privileged attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Remediation...
UBUNTU-CVE-2025-7259
An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...
CVE-2025-7259 Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash
An authorized user can issue queries with duplicate id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0...
MongoDB Server 安全漏洞
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server version v8.1, which stems from a duplicateid...
IBM Spectrum Protect Server 访问控制错误漏洞
IBM Spectrum Protect Server is a spectrum protection system from International Business Machines IBM, Inc. provides comprehensive data resiliency for physical file servers, virtual environments, and a wide range of applications. An access control error vulnerability exists in IBM Spectrum Protect...
CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...
CVE-2022-34593
DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability...
CVE-2020-35206
Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affects products that are no longer supported by th...
CVE-2020-9769
Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim...
CVE-2016-10917
The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316...
ICEcoder 安全漏洞
ICEcoder is a browser-based code editor from ICEcoder open source. Allows users to code online or offline directly in a web browser. A security vulnerability exists in ICEcoder version 8.1, which stems from the discovery of a contained path traversal vulnerability via...
PT-2024-18941
Name of the Vulnerable Software and Affected Versions github.com/gotenberg/gotenberg/v8/pkg/gotenberg versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/chromium versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/webhook versions prior to 8.1.0 Description Th...
Globitel SpeechLog Analytics 安全漏洞
Globitel SpeechLog Analytics is a speech analysis module from Globitel. A security vulnerability exists in Globitel SpeechLog Analytics version v8.1, which was discovered to contain a stored cross-site scripting XSS vulnerability in the "Save Query" function...
PT-2024-2371 · Phpmyfaq · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions 8.1 and later Description: The issue is related to the lack of protection for the web page structure, allowing an attacker to conduct cross-site scripting XSS attacks using specially crafted .html files. An attacker with adm...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
GHSA-M6VM-37G8-GQVH MySQL Connectors takeover vulnerability
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...
UBUNTU-CVE-2023-22095
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
CVE-2023-44229
CVE-2023-44229 concerns the Tiny Carousel Horizontal Slider WordPress plugin. The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) flaw in versions