Lucene search
+L

7 matches found

EUVD
EUVD
added yesterday7 views

EUVD-2026-44884

The The Cache Purger plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.3.20. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.1AI score0.00222EPSS
Exploits0References6
Snyk
Snyk
added 2026/07/02 9:12 a.m.8 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the beforerequest handler in the trace API endpoints. An authenticated attacker can bypass access controls by sending trace read, search, delete, update, linking, or assessment requests for experiments they do...

8.8CVSS7.2AI score0.00348EPSS
Exploits1References2
Snyk
Snyk
added 2026/07/02 9:12 a.m.6 views

Missing Authorization

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Missing Authorization via the beforerequest handler in the trace A...

8.8CVSS7.3AI score0.00348EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:16 p.m.8 views

CVE-2026-54289

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with Headers.set instead of Headers.append, so...

4.8CVSS5.9AI score0.00114EPSS
Exploits0References2Affected Software1
Wiz blog
Wiz blog
added 2026/05/12 1:24 p.m.11 views

Introducing Wiz Audit History: Track Every Change Across your Environment

Wiz Audit History is now GA, providing a continuous, cross-cloud timeline of changes to resource configurations and findings to accelerate incident response and simplify compliance...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/10 6:45 a.m.140 views

Metasploit-Project

MSF Cloud — Security Exploitation & Education Platform SSEP...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 12:3 a.m.10 views

CVE-2022-29176

Rubygems is a package registry used to supply software for the Ruby language ecosystem. Due to a bug in the yank action, it was possible for any RubyGems.org user to remove and replace certain gems even if that user was not authorized to do so. To be vulnerable, a gem needed: one or more dashes i...

9.9CVSS6.7AI score0.01845EPSS
Exploits0References1
Rows per page
Query Builder