Lucene search
K

4 matches found

CVE
CVE
added 2026/04/14 10:23 a.m.11 views

CVE-2025-13822

CVE-2025-13822 concerns MCPHub versions below 0.11.0, where authentication bypass exists due to endpoints lacking authentication middleware. An unauthenticated attacker could perform actions in the name of other users with their privileges. The provided metrics indicate low impact on confidential...

5.3CVSS5.8AI score0.00353EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : curl-7.19.7-37.AXS4.3 (AXSA:2014-397:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-397:01 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is...

6.4CVSS6.7AI score0.05599EPSS
Exploits1References3
OSV
OSV
added 2024/11/15 10:15 a.m.3 views

CVE-2024-10311

The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. This is due to a missing capability check in the 'edbaadminhandle' function. This makes it possible for authenticated attackers, with subscriber-level permissions...

8.8CVSS5.8AI score0.00433EPSS
Exploits0References2
Prion
Prion
added 2019/03/27 1:29 p.m.19 views

Design/Logic Flaw

A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability such as administrators/managers can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped whe...

3.5CVSS4.9AI score0.02266EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder