42539 matches found
GeoServer Demo Request Endpoint - Server Side Request Forgery
It is possible to achieve Server Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. An unauthenticated user can supply a request that will be issued by the server, allowing enumeration of internal networks and, in the case of cloud instances, access to...
GHSA-FRRJ-87JH-2772 vulnerabilities
Vulnerabilities for packages: kube-vip...
WordPress Dokan plugin <= 5.0.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Dokan versions = 5.0.6...
GHSA-C6M6-6997-FXFH vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-V598-MR98-5866 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-MXR8-RXWP-G4GX vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-15191
A flaw has been found in mettle sendportal up to 3.0.1. This vulnerability affects unknown code of the file vendor/mettle/sendportal-core/src/Http/Requests/CampaignStoreRequest.php of the component Campaign Creation Endpoint. Executing a manipulation can lead to authorization bypass. The attack c...
CVE-2026-53046
creationtimestamp| type| source ---|---|--- 2026-07-06 06:47:24+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706...
PT-2026-55983
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Contact Form 7 Form Field in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...
CVE-2026-14777
SourceCodester Onlne Examination & Learning Management System 1.0 has a vulnerability in /announcements.php that allows unrestricted file upload. The issue arises from an unknown functionality path in announcements.php, enabling remote exploitation and has publicly available exploits. The CVE not...
CVE-2026-13840
creationtimestamp| type| source ---|---|--- 2026-07-02 07:20:35+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:16:27+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...
CVE-2026-43125
creationtimestamp| type| source ---|---|--- 2026-07-02 05:52:07+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260702 2026-07-02 06:57:29+00:00| seen| https://www.hkcert.org/security-bulletin/redhat-linux-kernel-multiple-vulnerabilities20260702...
GHSA-PPWM-HJ26-HXCV vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-10949 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-VPRH-JJ4G-R8H9 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-W5FC-G575-V9QJ vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-P3QW-GCRH-3PQ6 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-7322 vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-C6CH-GP25-6CPV vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-366C-RRQJ-7GMP vulnerabilities
Vulnerabilities for packages: chromium...