714 matches found
ON24 Q&A Chat 安全漏洞
ON24 Q&A Chat is an online interactive Q&A and chat component developed by ON24 Inc. There is a security vulnerability in ON24 Q&A Chat. This vulnerability stems from the console-survey/api/v1/answer/EVENTID/TIMESTAMP/ endpoint, which allows unauthorized access through bypassing user-controlled...
CVE-2026-30707
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The...
WordPress LearnPress plugin <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Answer Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Quiz Answer Deletion vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin LearnPress versions = 4.3.2.8...
GNU C Library 安全漏洞
The GNU C Library is an open-source, free C programming language library published by the GNU community under the LGPL license. Versions of the GNU C Library 2.34 to 2.43 contained security vulnerabilities. These vulnerabilities occurred because the gethostbyaddr or gethostbyaddrr functions might...
EUVD-2026-12629
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key...
CVE-2026-30707
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The...
CVE-2026-30707
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The...
PT-2026-25930
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key...
CVE-2026-30707
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The...
CVE-2026-30707
An issue was discovered in SpeedExam Online Examination System SaaS after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The...
SpeedExam Online Examination System 安全漏洞
The SpeedExam Online Examination System is an online examination and assessment system developed by the Indian company SpeedExam. Versions of the SpeedExam Online Examination System after v.FEV2026 have security vulnerabilities. These vulnerabilities stem from access control flaws in the...
CVE-2026-30707
CVE-2026-30707 — SpeedExam Online Examination System (SaaS) Affected: SpeedExam Online Examination System (SaaS) after v.FEV2026.Vulnerability: Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated users can bypass client-side restrictions and invoke the method direc...
Malicious Package
Overview sap-answer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in open-answer-engine-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c367c12ff794a5b5d5562c0a1a8ab6225007fc76fc23310d8ddc33dda56b8112 The package open-answer-engine-frontend was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview open-answer-engine-frontend is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-886 Malicious code in open-answer-engine-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c367c12ff794a5b5d5562c0a1a8ab6225007fc76fc23310d8ddc33dda56b8112 The package open-answer-engine-frontend was found to contain malicious code. Source: ghsa-malware...
SUSE CVE-2026-24735
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...
CVE-2026-24735
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or...
GO-2026-4421 Apache Answer Exposure of Private Personal Information to an Unauthorized Actor vulnerability in github.com/apache/answer
Apache Answer Exposure of Private Personal Information to an Unauthorized Actor vulnerability in github.com/apache/answer. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...
PT-2026-6525
Apache Answer Exposure of Private Personal Information to an Unauthorized Actor vulnerability in github.com/apache/answer. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...