7 matches found
CVE-2026-33304
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the dated reminders log allows any authenticated non-admin user to view reminder messages belonging to other users, including associated patient...
PT-2026-26344
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the module ACL function AclMain::zhAclCheck only checks for the presence of any "allow" user or group. It never checks for explicit "deny" allowed=0. As a result,...
Suricata < 7.0.13 / 8.x < 8.0.2 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is prior to 7.0.13 or 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities, including: - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata...
UBUNTU-CVE-2025-64335
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64data. This issue has been patched in...
WordPress WPCargo Track & Trace plugin <= 8.0.2 - Settings Change vulnerability
Settings Change vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WPCargo Track & Trace versions = 8.0.2...
SUSE CVE-2022-21322
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where th...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
...