Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/05/07 7:35 a.m.36 views

CVE-2026-27329 WordPress YITH WooCommerce Wishlist plugin <= 4.12.0 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0...

5.3CVSS0.00315EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/21 3:21 p.m.9 views

Auth0 Next.js SDK has Improper Proxy Cache Lookup

Description In affected versions of the Next.js SDK, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Which Projects are Affected? Users are affected if they meet all of the following preconditions: -...

5.4CVSS5.8AI score0.00214EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/17 8:54 p.m.17 views

CVE-2026-40155

The CVE concerns the Auth0 Next.js SDK. Affected versions: 4.12.0–4.17.1. Issue: when multiple simultaneous requests trigger a nonce retry, the proxy cache fetcher may perform improper lookups for token request results. Impact: affects projects using both the vulnerable SDK versions and the proxy...

5.4CVSS5.7AI score0.00214EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/10 7:20 p.m.5 views

EUVD-2026-20876

LXD: Update of type field in restricted TLS certificate allows privilege escalation to cluster admin...

9.1CVSS5.8AI score0.00274EPSS
Exploits1References3
OSV
OSV
added 2024/02/02 7:15 a.m.3 views

CVE-2021-22282

Improper Control of Generation of Code 'Code Injection' vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12...

7.8CVSS5.8AI score0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.5 views

B&R Industrial Automation Studio Path Traversal Vulnerability

B&R Industrial Automation Studio is a suite of integrated development environments IDEs from B&R Industrial Automation, an Austrian company that develops and programs its automation solutions. A security vulnerability exists in B&R Industrial Automation Studio versions 4.0 through 4.12 that stems...

7.5CVSS6.8AI score0.00376EPSS
Exploits0References2
CNVD
CNVD
added 2019/12/12 12:0 a.m.2 views

Xen elevation of privilege vulnerability (CNVD-2020-07296)

Xen is an open source virtual machine monitor product. An elevation of privilege vulnerability exists in Xen 4.12. and earlier versions. The vulnerability stems from a race condition in page table upgrade and downgrade operations. An attacker could exploit this vulnerability to gain privileges on...

6.6CVSS9.3AI score0.01187EPSS
Exploits0References1
Rows per page
Query Builder