5175 matches found
Joomla! Component Address Book 1.5.0 - Local File Inclusion
A directory traversal vulnerability in the AddressBook comaddressbook component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1471 info: name: Joomla! Component Address Book 1.5.0 - Local File Inclusion...
W&B Weave Server - Remote Arbitrary File Leak
The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin. id:...
EUVD-2026-43139
The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Map Module 'bwidthmap' Field in all versions up to, and including, 7.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
CVE-2025-45422
Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules...
CVE-2025-45422
The CVE-2025-45422 entry concerns Proximus b-box v8c.725A and describes an Incorrect access control vulnerability. According to the sources, authenticated attackers can bypass normal restrictions and make arbitrary changes to port forwarding rules. The NVD metrics indicate a CVSS 3.1 base score o...
CVE-2025-45422
Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules...
CVE-2026-6901
CVE-2026-6901 affects B&R Industrial Automation GmbH APROL (pre-R 4.4-01P5). The vulnerability is described as an Untrusted Search Path issue. According to the provided metrics, the impact is high for confidentiality and integrity (CVSS v3.1: HIGH/C:H/I:H; LOCAL access, no user interaction) with ...
EUVD-2026-41868
Improper certificate validation vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...
CVE-2026-11856
CVE-2026-11856 describes a cross-origin Digest authentication state leak in libcurl. When a transfer is performed to hostA using Digest auth and the origin is then changed to hostB while reusing the same handle, libcurl may forward the Authorization header intended for hostA to hostB. This is a h...
EUVD-2026-36965
Contributor Privilege Escalation in B Blocks = 2.0.31 versions...
CVE-2026-39579
Contributor Privilege Escalation in B Blocks = 2.0.31 versions...
CVE-2026-39579 WordPress B Blocks plugin <= 2.0.31 - Privilege Escalation vulnerability
Contributor Privilege Escalation in B Blocks = 2.0.31 versions...
CVE-2026-39579
CVE-2026-39579 affects the WordPress plugin B Blocks up to version 2.0.31 . The vulnerability is a privilege escalation in contributor level, with a high impact (CVE metrics: CVSS 3.1 base score 8.8, scope UNCHANGED, confidentiality/integrity/availability all HIGH). Affected component is the plug...
CVE-2026-39579 WordPress B Blocks plugin <= 2.0.31 - Privilege Escalation vulnerability
Contributor Privilege Escalation in B Blocks = 2.0.31 versions...
PT-2026-49400
Contributor Privilege Escalation in B Blocks = 2.0.31 versions...
CVE-2026-47672
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...
CVE-2026-0259
An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...
CVE-2026-45574
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate self-signed, expired, wrong CN and intercept all SOAP traffic. This includes patient...
RecurGuard: Runtime Monitoring for Reasoning-Token Consumption Attacks
Reasoning-capable large language models can be induced to spend their generation budget on injected decoy tasks rather than answering the user's question, causing denial of service when no final answer is produced and denial of wallet when excess output tokens are billed. Input-side safety...
GHSA-C82X-F4XR-QV33 epa4all-client: Unauthenticated REST API for Patient Record Writes
Impact Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g., following the production Docker example in the README, this is exploitable from the local network without...