Lucene search
K

20 matches found

NVD
NVD
added 2026/06/02 2:16 p.m.11 views

CVE-2026-49782

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/04/23 12:16 a.m.21 views

CVE-2026-1726

IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers could access sensitive data, modify system configurations, or change permissions for other users. T...

4.8CVSS0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/24 2:33 p.m.7 views

CVE-2025-49952

Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Houzez: from n/a through = 4.2.5...

6.5CVSS5.9AI score0.00408EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-27239

Malicious code in bioql PyPI...

8.7CVSS6.4AI score0.00443EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/09 5:9 p.m.7 views

WordPress Export WP Page to Static HTML/CSS Plugin <= 4.1.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bao - BlueRock in WordPress Plugin Export WP Page to Static HTML/CSS versions = 4.1.0...

5.3CVSS6.6AI score0.00216EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/09/09 9:15 a.m.8 views

CVE-2025-40795

A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions, SIMATIC PCS neo V5.0 All versions, SIMATIC PCS neo V6.0 All versions V6.0 SP1 Update 1, User Management Component UMC All versions V2.15.1.3. Affected products contain a stack-based buffer overflow vulnerability in the...

9.8CVSS0.00665EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.12 views

PT-2025-36683

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS neo versions 4.1 All versions SIMATIC PCS neo versions 5.0 All versions User Management Component UMC versions prior to 2.15.1.3 Description: The software contains an out-of-bounds read issue in the integrated User Management...

8.7CVSS6.4AI score0.00477EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/09/02 4:55 p.m.7 views

WordPress PostX plugin <= 4.1.36 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin PostX versions = 4.1.36...

7.1CVSS7AI score0.00211EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

WordPress plugin WP jQuery DataTable 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

5.9CVSS6.2AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.9 views

WordPress plugin DD Roles 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

8.8CVSS8.2AI score0.00533EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/15 10:40 a.m.6 views

WordPress MailChimp Subscribe Form plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin MailChimp Subscribe Forms versions = 4.1...

6.5CVSS6.1AI score0.00225EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/31 1:17 p.m.7 views

WordPress Website price calculator plugin <= 4.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Website price calculator versions = 4.1...

8.5CVSS8.1AI score0.00384EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/10/11 8:15 a.m.5 views

CVE-2023-44997

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin = 4.1 versions...

8.8CVSS7.3AI score0.00208EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/20 12:0 a.m.9 views

CVE-2022-31248

A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java...

5.3CVSS6.8AI score0.00968EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2022/05/17 3:46 a.m.6 views

cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +706 more potentially affected by CVE-2012-6092 via org.apache.activemq:activemq-core (>=4.1.1 <=5.7.0)

org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0, =1.0.0, =1.0.0, =0.4.2, =0.4.2, =0.4.2, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.2.1 and more Source cves: CVE-2012-6092 Source advisory: OSV:GHSA-RP9P-863F-9C4H...

4.3CVSS6.9AI score0.06018EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2018/11/08 12:0 a.m.6 views

PT-2018-2622 · Apache +1 · Apache Openoffice +2

Name of the Vulnerable Software and Affected Versions: Apache Open Office versions 4.1.5 and earlier Description: The issue is related to an arithmetic overflow that occurs when loading a document with a smaller end line termination than the operating system uses. This defect can cause the softwa...

9.8CVSS7.8AI score0.78683EPSS
Exploits16References37
CNVD
CNVD
added 2018/08/28 12:0 a.m.7 views

SAP BusinessObjects Business Intelligence Admin Tools Information Disclosure Vulnerability

SAP BusinessObjects Business Intelligence is a suite of business intelligence software and enterprise performance solutions from SAP. The product features report generation, analysis, data visualization, etc. Admin Tools is one of the management tools. An information disclosure vulnerability exis...

7.5CVSS7.1AI score0.01744EPSS
Exploits0References1
OSV
OSV
added 2014/12/08 11:59 a.m.3 views

DEBIAN-CVE-2014-9218

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service resource consumption via a long password...

5CVSS8.9AI score0.11055EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2009/11/09 3:26 p.m.5 views

tomcat request dispatcher information disclosure vulnerability

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...

5CVSS6.1AI score0.18685EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2008/10/13 12:0 a.m.5 views

PT-2008-4686 · Apache · Apache Tomcat

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.31 Apache Tomcat version 5.5.0 Description: The issue allows remote attackers to bypass IP address restrictions and obtain sensitive information due to a synchronization problem and lack of thread...

4.3CVSS6.4AI score0.04807EPSS
Exploits2References27
Rows per page
Query Builder