7 matches found
CVE-2026-27329 WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...
Auth0 Next.js SDK has Improper Proxy Cache Lookup
Description In affected versions of the Next.js SDK, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Which Projects are Affected? Users are affected if they meet all of the following preconditions: -...
CVE-2026-40155
The CVE concerns the Auth0 Next.js SDK. Affected versions: 4.12.0–4.17.1. Issue: when multiple simultaneous requests trigger a nonce retry, the proxy cache fetcher may perform improper lookups for token request results. Impact: affects projects using both the vulnerable SDK versions and the proxy...
EUVD-2026-20876
LXD: Update of type field in restricted TLS certificate allows privilege escalation to cluster admin...
CVE-2021-22282
Improper Control of Generation of Code 'Code Injection' vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12...
B&R Industrial Automation Studio Path Traversal Vulnerability
B&R Industrial Automation Studio is a suite of integrated development environments IDEs from B&R Industrial Automation, an Austrian company that develops and programs its automation solutions. A security vulnerability exists in B&R Industrial Automation Studio versions 4.0 through 4.12 that stems...
Xen elevation of privilege vulnerability (CNVD-2020-07296)
Xen is an open source virtual machine monitor product. An elevation of privilege vulnerability exists in Xen 4.12. and earlier versions. The vulnerability stems from a race condition in page table upgrade and downgrade operations. An attacker could exploit this vulnerability to gain privileges on...