
30 matches found

Cvelist
added 2026/06/15 12:00 a.m. | 28 views

CVE-2026-50885

Incorrect access control in the share-based read endpoints of Sismics Docs Teedy v1.11 allows unauthorized attackers to access sensitive endpoints via a crafted request...

EPSS 0.00287
Exploits 0 | References 1

Cvelist
added 2026/06/09 4:00 p.m. | 33 views

CVE-2026-49475 FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

CVSS 7.5 | EPSS 0.00278
Exploits 0 | References 2

Positive Technologies
added 2026/06/09 12:00 a.m. | 16 views

PT-2026-47846

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser...

CVSS 7.5 | AI score 5.4 | EPSS 0.00278
Exploits 0 | References 2

Rosalinux
added 2026/05/19 1:22 p.m. | 15 views

Advisory ROSA-SA-2026-3269

software: angie 1.11.5 AXIS: ROSA-CHROME unaffected versions = angie-1.11.5-1 affected versions angie-1.11.5-1 CVE-ID: CVE-2026-42945 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A heap buffer overflow vulnerability in the ngx_http_rewrite_module NGINX Plus and NGINX Open Source module allows an...

CVSS 9.2 | AI score 6.6 | EPSS 0.61469
Exploits 40

SUSE CVE
added 2026/04/23 1:23 a.m. | 7 views

SUSE CVE-2026-40923

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restricted /tekton/ internal pat...

CVSS 5.4 | AI score 5.8 | EPSS 0.0022
Exploits 0 | References 3

RedhatCVE
added 2026/04/13 7:23 p.m. | 5 views

CVE-2026-33737

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string without XXE protection. With the LIBXML_NOENT flag, arbitrary server files can be read. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3...

CVSS 6.5 | AI score 5.9 | EPSS 0.0022
Exploits 0 | References 1

RedhatCVE
added 2026/03/06 7:54 a.m. | 4 views

CVE-2026-28019

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Manoir manoir allows PHP Local File Inclusion. This issue affects Manoir: from n/a through <= 1.11...

CVSS 8.1 | AI score 5.8 | EPSS 0.00403
Exploits 0 | References 1

RedhatCVE
added 2026/03/06 7:53 a.m. | 4 views

CVE-2026-28020

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Chroma chroma allows PHP Local File Inclusion. This issue affects Chroma: from n/a through <= 1.11...

CVSS 8.1 | AI score 5.8 | EPSS 0.00403
Exploits 0 | References 1

Vulnrichment
added 2026/03/02 3:49 p.m. | 2 views

CVE-2025-52476 Chamilo: Reflected XSS via keyword_active parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to improper sanitization of the keyword_active parameter in admin/userlist.php. This issue has been patched in version 1.11.30...

CVSS 5.1 | AI score 5.7 | EPSS 0.00187
Exploits 0 | References 3

Positive Technologies
added 2026/02/06 12:00 a.m. | 7 views

PT-2026-6736

Name of the Vulnerable Software and Affected Versions: html5 snmp version 1.11 Description: The software contains a persistent cross-site scripting issue. An attacker can inject malicious scripts through the Remark parameter in the add router operation.php file. By crafting a POST request with a...

CVSS 6.4 | AI score 6 | EPSS 0.00203
Exploits 1 | References 5

ATTACKERKB
added 2025/06/06 1:15 p.m. | 3 views

CVE-2025-30948

Cross-Site Request Forgery (CSRF) vulnerability in Giraphix Creative Layouts for Elementor layouts-for-elementor allows Cross Site Request Forgery. This issue affects Layouts for Elementor: from n/a through <= 1.11...

CVSS 4.3 | AI score 5.9 | EPSS 0.0014
Exploits 0 | References 3

RedhatCVE
added 2025/05/23 3:00 a.m. | 6 views

CVE-2023-1572

A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...

CVSS 5.4 | AI score 5.3 | EPSS 0.00542
Exploits 1 | References 1

OSV
added 2025/01/16 3:15 a.m. | 6 views

CVE-2025-22907

RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the formWlSiteSurvey function...

CVSS 9.8 | AI score 5.8 | EPSS 0.00894
Exploits 1 | References 3

CNNVD
added 2025/01/16 12:00 a.m. | 3 views

WordPress plugin Custom Post Type Lockdown Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 8.8 | AI score 8.2 | EPSS 0.00274
Exploits 0 | References 1

Positive Technologies
added 2025/01/16 12:00 a.m. | 5 views

PT-2025-4739 · Re11S · Re11S

Name of the Vulnerable Software and Affected Versions: RE11S version 1.11 Description: A stack overflow issue was discovered in the setWAN function via the pptpUserName parameter. This issue can be exploited, potentially leading to unintended consequences. No information is available about the...

CVSS 9.8 | AI score 6.6 | EPSS 0.00712
Exploits 1 | References 11

CNNVD
added 2025/01/16 12:00 a.m. | 3 views

EDIMAX RE11S Security Vulnerability

EDIMAX RE11S is a router from EDIMAX. EDIMAX RE11S v1.11 contains a command injection vulnerability via the command parameter of /goform/mp...

CVSS 9.8 | AI score 7.4 | EPSS 0.05566
Exploits 1 | References 3

CNNVD
added 2024/09/27 12:00 a.m. | 3 views

MiniCMS Cross-Site Request Forgery Vulnerability

MiniCMS is a mini content management system designed for personal websites by Dada bg5sbk, an individual developer. A cross-site request forgery vulnerability exists in MiniCMS version 1.11, which originates from an unknown function in the file page-edit.php that can lead to cross-site request...

CVSS 6.9 | AI score 4.8 | EPSS 0.00291
Exploits 1 | References 6

ATTACKERKB
added 2024/08/12 11:15 p.m. | 5 views

CVE-2024-43147

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Merkulove Selection Lite allows Stored XSS. This issue affects Selection Lite: from n/a through 1.11...

CVSS 6.5 | AI score 5.2 | EPSS 0.00245
Exploits 0 | References 2

CNNVD
added 2024/07/30 12:00 a.m. | 4 views

ELECOM WRC-X6000XS-G, WRC-X1500GS-B and WRC-X1500GSA-B Security Vulnerability

ELECOM WRC-X6000XS-G and others are wireless routers from ELECOM Japan. A security vulnerability exists in the ELECOM WRC-X6000XS-G, WRC-X1500GS-B, WRC-X1500GSA-B v1.11 and earlier versions, which originates from viewing a malicious page while logged in to an affected product with administrative...

CVSS 8.8 | AI score 6.3 | EPSS 0.00198
Exploits 0 | References 4

CNNVD
added 2023/09/01 12:00 a.m. | 6 views

Chamilo LMS SQL Injection Vulnerability

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS versions v.1.11 through...

CVSS 4.9 | AI score 7.8 | EPSS 0.00546
Exploits 0 | References 2