Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.7 views

PT-2026-25226

Missing Authorization vulnerability in raratheme Rara Academic rara-academic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Academic: from n/a through = 1.2.2...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/12 4:45 p.m.24 views

CVE-2026-28356 ReDoS in multipart 1.3.0 - `parse_options_header()`

multipart is a fast multipart/form-data parser for python. Prior to 1.2.2, 1.3.1 and 1.4.0-dev, the parseoptionsheader function in multipart.py uses a regular expression with an ambiguous alternation, which can cause exponential backtracking ReDoS when parsing maliciously crafted HTTP or multipar...

7.5CVSS0.00606EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 2:32 p.m.5 views

EUVD-2025-35409

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ypromo PT Luxa Addons pt-luxa-addons allows Path Traversal.This issue affects PT Luxa Addons: from n/a through = 1.2.2...

5.3CVSS6.4AI score0.00391EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.4 views

PT-2024-36790

Name of the Vulnerable Software and Affected Versions pyrage versions 1.2.0 through 1.2.2 Description The issue concerns the execution of arbitrary binaries due to malicious plugin names, recipients, or identities. This can occur when a plugin name containing a path separator is provided to the a...

9.8CVSS6AI score0.00472EPSS
Exploits0References28
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.3 views

PT-2024-12236 · Sparkle Themes · Sparkle Themes Blogger Buzz

Name of the Vulnerable Software and Affected Versions: Sparkle Themes Blogger Buzz versions 1.2.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Sparkle...

4.3CVSS9.4AI score0.00388EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.3 views

PT-2024-25481 · Lunary · Lunary

Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions 1.2.2 through 1.2.6 Description: The issue allows unprivileged users to re-generate the private key for projects they do not have access to. Specifically, a user with a 'Member' role can issue a request to regenerate...

9.6CVSS9.4AI score0.00386EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/10/12 12:0 a.m.8 views

PT-2024-39836 · WordPress · Imagepress

Name of the Vulnerable Software and Affected Versions: ImagePress – Image Gallery plugin for WordPress versions up to, and including, 1.2.2 Description: The issue is due to missing or incorrect nonce validation on the imagepress admin page function, making it possible for unauthenticated attacker...

4.3CVSS6.5AI score0.00232EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.5 views

PT-2024-27674 · Lunary · Lunary

Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions 1.2.2 through 1.2.7 Description: The issue is related to the DELETE endpoint located at packages/backend/src/api/v1/datasets, which is vulnerable to unauthorized dataset deletion due to missing authorization and...

9.1CVSS9.3AI score0.0047EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.8 views

PT-2023-10255 · Dimtion · Shaarlier

Name of the Vulnerable Software and Affected Versions: dimtion Shaarlier versions up to 1.2.2 Description: A critical issue has been found, affecting the function createTag of the file app/src/main/java/com/dimtion/shaarlier/TagsSource.java in the component Tag Handler. This issue leads to sql...

9.8CVSS6.2AI score0.00628EPSS
Exploits0References7
Rows per page
Query Builder