Lucene search
K

9 matches found

NVD
NVD
added 2026/05/19 11:16 p.m.22 views

CVE-2026-8491

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1...

3.7CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 10:28 p.m.19 views

CVE-2026-8491

CVE-2026-8491 involves an improper check in the Drupal Node View Permissions module that permits forceful browsing. Affected are Node View Permissions 0.0.0–1.6.x and 2.0.0–2.0.0, where cancelled users’ content reassigned to anonymous users could be exposed. Remediation: upgrade to 1.7.0 (for 0.0...

3.7CVSS5.8AI score0.00214EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: linuxptp (UTSA-2026-017411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017411 advisory. A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker...

7.1CVSS7.1AI score0.01895EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/03/03 11:25 a.m.8 views

WordPress Lendiz theme < 2.0.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Lendiz versions 2.0.1...

9.9CVSS5.9AI score0.00447EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/01/28 8:2 p.m.6 views

CVE-2025-13984 Next.js - Critical - Access bypass - SA-CONTRIB-2025-122

Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...

6.1CVSS5.9AI score0.00141EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.6 views

Drupal Block Attributes 安全漏洞

Drupal Block Attributes is a configuration interface plugin for the Drupal community. A security vulnerability exists in Drupal Block Attributes versions prior to 1.1.0 and prior to 2.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripti...

6.1CVSS6AI score0.00223EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/04/02 12:0 a.m.3 views

Drupal Obfuscate module < 2.0.1 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Obfuscate versions 2.0.1...

5.4CVSS6.1AI score0.00217EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.5 views

PT-2024-28950

Name of the Vulnerable Software and Affected Versions Fastapi OPA versions prior to 2.0.1 Description The issue allows unauthenticated attackers to discover which entities exist within an application by sending HTTP OPTIONS requests. This is because OpaMiddleware allows all HTTP OPTIONS requests...

6.9CVSS5.9AI score0.00563EPSS
Exploits0References16
CNVD
CNVD
added 2017/05/26 12:0 a.m.6 views

Smb4K Local Elevation of Privilege Vulnerability

Smb4K is a set of tools that use Samba software to access SMB/CIFS shares in the local network neighborhood. A security vulnerability exists in versions of Smb4K prior to 2.0.1. A local attacker could exploit this vulnerability to gain root privileges...

7.8CVSS6.8AI score0.01948EPSS
Exploits3References1
Rows per page
Query Builder