Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2026/05/09 4:15 a.m.11 views

CVE-2026-42560 auth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonation

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. ...

9.1CVSS5.7AI score0.00417EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2023/04/17 9:30 a.m.6 views

abi-ds-utils (>=0.1.2 <=0.1.9), abi-pyspark-utils (>=0.1.1 <=0.1.4) +191 more potentially affected by CVE-2023-22946 via pyspark (>=2.1.2 <=3.3.1)

pyspark PYPI version =2.1.2, =0.1.2, =0.1.1, =0.1.5, =0.0.1, =0.2.0, =0.0.2, =1.0.0, =0.9.1, =0.1.57, =0.11.0, =2.5.0b20240324 - bigdl-chronos =2.0.0 - bigdl-chronos-spark2 =2.0.0 - bigdl-chronos-spark3 =2.0.0 and more Source cves: CVE-2023-22946 Source advisory: OSV:GHSA-329J-JFVR-RHR6...

9.9CVSS7.7AI score0.01109EPSS
Exploits0
Exploit DB
Exploit DB
added 2005/04/11 12:0 a.m.30 views

Zoom Media Gallery 2.1.2 - &#039;index.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/13094/info zOOm Media Gallery is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result ...

7.4AI score
Exploits0
Rows per page
Query Builder