Lucene search
K

10 matches found

nvd
nvd
added 2026/05/21 8:16 a.m.24 views

CVE-2026-44073

Authentication modules in Netatalk 1.5.0 through 4.4.2 fail to check the return value of seteuid, which may allow a remote authenticated attacker to retain elevated privileges under error conditions...

5CVSS0.00277EPSS
Exploits0References1
euvd
euvd
added 2026/05/21 7:34 a.m.10 views

EUVD-2026-31236

Netatalk 1.5.0 through 4.4.2 uses DES-ECB for authentication with a timing side channel, which allows a remote attacker to recover authentication credentials via timing analysis...

5.9CVSS5.8AI score0.00389EPSS
Exploits0References1
nvd
nvd
added 2026/03/19 9:17 p.m.9 views

CVE-2026-32622

SQLBot is an intelligent data query system based on a large language model and RAG. Versions 1.5.0 and below contain a Stored Prompt Injection vulnerability that chains three flaws: a missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology,...

8.8CVSS0.00562EPSS
Exploits1References2
vulncheck_kev
vulncheck_kev
added 2026/03/07 12:0 a.m.2 views

VulnCheck KEV: CVE-2026-21891

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...

9.8CVSS5.8AI score0.02169EPSS
In wildExploits1References24
cnnvd
cnnvd
added 2026/01/23 12:0 a.m.8 views

WordPress plugin Hyyan WooCommerce Polylang Integration has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/01 12:17 p.m.11 views

CVE-2025-63032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Consulting consulting allows Stored XSS.This issue affects Consulting: from n/a through = 1.5.0...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References1
osv
osv
added 2025/11/04 8:18 p.m.9 views

CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...

7.5CVSS7.5AI score0.06576EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/02/07 12:0 a.m.10 views

PT-2025-5911 · WordPress · Thunderbax Wp Admin Custom Page

Name of the Vulnerable Software and Affected Versions: thunderbax WP Admin Custom Page versions 1.5.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in thunderbax WP Admin Custom Page. Recommendations: For versions 1.5.0 and earlier,...

7.1CVSS9AI score0.0015EPSS
Exploits0References5
cnvd
cnvd
added 2018/08/21 12:0 a.m.5 views

pkgconf buffer overflow vulnerability

pkgconf is an application that configures compilers for development frameworks. A buffer overflow vulnerability exists in the 'dequote' function in pkgconf versions 1.5.0 through 1.5.2. An attacker can exploit this vulnerability to execute arbitrary code or cause a denial of service with the help...

9.8CVSS9.6AI score0.01352EPSS
Exploits0References1
cnvd
cnvd
added 2018/02/06 12:0 a.m.7 views

Atlassian Crowd crowd-application plugin module user forgery vulnerability

Atlassian Crowd is a web-based single sign-on system from Atlassian Australia. The system provides authentication, authorization and other functions for multiple users, web applications and directory servers. crowd-application plugin module is one of the SSO management plugin. A security...

6.8CVSS6.8AI score0.00566EPSS
Exploits0References1
Rows per page
Query Builder