Lucene search
K

25 matches found

EUVD
EUVD
added 2026/05/18 7:2 p.m.11 views

EUVD-2026-30543

ws: Uninitialized memory disclosure...

4.4CVSS5.8AI score0.00717EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/11 9:11 p.m.11 views

.NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2026-26130 – .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to...

7.5CVSS6AI score0.02818EPSS
Exploits0References5Affected Software12
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.7 views

iNetTools 安全漏洞

iNetTools is a network diagnosis and testing tool developed by iNetTools Corporation. Version 8.20 of iNetTools contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the Whois function, which could allow attackers to cause the application to crash b...

7.5CVSS5.8AI score0.00304EPSS
Exploits0References3
NVD
NVD
added 2026/02/08 2:15 a.m.8 views

CVE-2026-2206

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

8.8CVSS0.00239EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:9 a.m.7 views

CVE-2026-2208

A security vulnerability has been detected in WeKan up to 8.20. Impacted is an unknown function of the file server/publications/rules.js of the component Rules Handler. The manipulation leads to missing authorization. The attack can be initiated remotely. Upgrading to version 8.21 is recommended ...

5.3CVSS4.6AI score0.00244EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:9 a.m.8 views

CVE-2026-2207

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

6.9CVSS5.3AI score0.00342EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.8 views

WeKan 访问控制错误漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained a access control vulnerability. This vulnerability stemmed from improper handling of the file server/publications/activities.js component in the Activity Publication Handler, which could le...

6.9CVSS6AI score0.00342EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/07 9:59 p.m.5 views

CVE-2026-25859

Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due to insufficient permission checks, potentially resulting in unauthorized migration operations...

7.1CVSS5.2AI score0.00343EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/07 1:23 a.m.10 views

CVE-2026-1963

A vulnerability was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper access controls. The attack may be launched remotely. Upgrading to version 8.21 mitigates this issue. The pat...

9.8CVSS6AI score0.00323EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/07 12:0 a.m.11 views

PT-2026-6934

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 8.20 Description Insufficient permission checks in Wekan allow non-administrative users to access migration functionality, potentially leading to unauthorized migration operations. Recommendations Update Wekan to versio...

8.8CVSS5.4AI score0.00343EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/05 12:32 a.m.28 views

CVE-2026-1898 WeKan LDAP User Sync syncUser.js SyncLDAPBleed access control

A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...

6.5CVSS0.00266EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.8 views

PT-2026-6633

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A flaw exists in WeKan up to version 8.20 related to improper access controls within the REST Endpoint component. The issue resides in an unknown function of the models/boards.js file. Remote exploitati...

5.3CVSS5.3AI score0.00218EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/02/04 11:32 p.m.30 views

CVE-2026-1896 WeKan Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration MigrationBleed access control

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

6.5CVSS0.00276EPSS
Exploits0References6
CVE
CVE
added 2026/02/04 11:2 p.m.14 views

CVE-2026-1895

CVE-2026-1895 affects WeKan up to version 8.20, specifically the Attachment Storage Handler’s file models/lists.js , function applyWipLimit . The vulnerability arises from a manipulation that can lead to improper access controls and can be exploited remotely. The advisory states that upgrading to...

6.5CVSS5AI score0.00276EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/13 8:41 p.m.6 views

CVE-2025-14580

A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an unknown function of the file /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php. Such manipulation of the argument cdscript leads to cross site scripting. It is possible to launch the...

6.1CVSS5.6AI score0.00208EPSS
Exploits1References1
NVD
NVD
added 2025/11/30 4:15 p.m.7 views

CVE-2025-13792

A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote exploitation of the attack...

7.5CVSS0.00402EPSS
Exploits0References6
OSV
OSV
added 2023/04/27 11:15 p.m.6 views

CVE-2023-28400

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands...

8.8CVSS5.9AI score0.2457EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.5 views

mysql: Server: Options unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

4.9CVSS7.3AI score0.01408EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/24 12:0 a.m.4 views

PT-2022-22387 · Abb · Abb Zenon

Name of the Vulnerable Software and Affected Versions: ABB Zenon version 8.20 Description: The issue allows an attacker to add or alter data points and corresponding attributes. Once such engineering data is used, the data visualization will be altered for the end user. Recommendations: For ABB...

8.4CVSS8.3AI score0.00146EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/01/19 12:15 p.m.11 views

CVE-2022-21334

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where th...

6.3CVSS6.7AI score0.02795EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder