Lucene search
K

863 matches found

NVD
NVD
added 2026/07/06 12:16 a.m.8 views

CVE-2026-14777

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has...

6.5CVSS0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 11:15 p.m.15 views

CVE-2026-14777

SourceCodester Onlne Examination & Learning Management System 1.0 has a vulnerability in /announcements.php that allows unrestricted file upload. The issue arises from an unknown functionality path in announcements.php, enabling remote exploitation and has publicly available exploits. The CVE not...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 11:15 p.m.9 views

CVE-2026-14777

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References6Affected Software1
Securelist
Securelist
added 2026/06/29 10:0 a.m.12 views

The Gentlemen are knocking: сustom backdoors and evolving tactics

Introduction This year saw the emergence of The Gentlemen, a prominent example of a group operating under the ransomware-as-a-service RaaS model. Although our initial assessment suggested the group first appeared in mid-2025, it actually started ramping up its activities at the beginning of 2026...

6AI score
Exploits0
NVD
NVD
added 2026/06/27 8:16 a.m.12 views

CVE-2026-11773

The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.0015EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/27 6:50 a.m.37 views

CVE-2026-11773 Masteriyo LMS <= 2.2.1 - Missing Authorization to Authenticated (Student+) Arbitrary Course Announcement Modification

The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.0015EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/27 6:50 a.m.8 views

CVE-2026-11773

The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39953

The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References6
CVE
CVE
added 2026/06/27 6:50 a.m.24 views

CVE-2026-11773

CVE-2026-11773 affects the Masteriyo LMS – LMS Course Builder, Quizzes & Certificates WordPress plugin (versions up to 2.2.1). The issue is an authorization bypass where the plugin fails to verify a user’s permission, enabling authenticated attackers with student-level access and above to modify ...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.14 views

PT-2026-53050

Name of the Vulnerable Software and Affected Versions Masteriyo LMS – LMS Course Builder, Quizzes & Certificates versions prior to 2.2.2 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. This allows...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Azure 资源管理错误漏洞

Microsoft Azure is an open enterprise-level cloud computing platform provided by the American company Microsoft. There is a resource management vulnerability in Microsoft Azure. Currently, there is no information regarding this vulnerability. Please stay informed by following CNNVD or the vendor’...

8.2CVSS5.3AI score0.00324EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.13.1 : avahi (EulerOS-SA-2026-2120)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Zephyr 安全漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, caused by a bit offset issue. A remote attacker can set an unvalidated negative value of logannounceinterval by sending a specially crafted PTPMSGMANAGEMENT message...

6.5CVSS5.8AI score0.00194EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

vm2 安全漏洞

vm2 is a high-level virtual machine/sandbox developed by Patrik Simek from Czech Republic. It allows running untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.2 have security vulnerabilities. There is currently no information regarding these...

9.8CVSS6.1AI score0.00812EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Cribl 安全漏洞

Cribl is a log analysis tool. Versions of Cribl prior to 4.17.1 have security vulnerabilities. There is currently no information regarding these vulnerabilities. Please stay informed by following CNNVD or the vendor’s announcements...

9.8CVSS5.8AI score0.00889EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/16 9:44 a.m.7 views

Malicious code in apl-announcements (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f5e32781749c59464ed1f8d649c60102886b11838297e856aeaa3be42ed15f1 The package apl-announcements was found to contain malicious code...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/16 9:44 a.m.6 views

MAL-2026-2728 Malicious code in apl-announcements (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f5e32781749c59464ed1f8d649c60102886b11838297e856aeaa3be42ed15f1 The package apl-announcements was found to contain malicious code...

5.7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2026/04/13 10:30 a.m.5 views

The Dumbest Hack of the Year Exposed a Very Real Problem

Last April, a hacker hijacked crosswalk announcements to mimic Mark Zuckerberg and Elon Musk. Records obtained by WIRED reveal how unprepared local authorities were...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29104

Name of the Vulnerable Software and Affected Versions Docker Model Runner versions prior to 1.1.25 Docker Desktop versions prior to 4.67.0 Description The software contains a Server-Side Request Forgery SSRF issue within the OCI registry token exchange process. When retrieving a model, the softwa...

9.1CVSS6AI score0.00494EPSS
Exploits0References42
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.6 views

CVE-2026-32308

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams,...

7.6CVSS6AI score0.00224EPSS
Exploits1References1
Rows per page
Query Builder