Lucene search
K

1289 matches found

Fedora
Fedora
added 2026/04/16 11:42 p.m.10 views

[SECURITY] Fedora 44 Update: kf6-kcoreaddons-6.25.0-1.fc44

KCoreAddons provides classes built on top of QtCore to perform various tasks such as manipulating mime types, autosaving files, creating backup files, generating random sequences, performing text manipulations such as macro replacement, accessing user information and many more...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/16 11:28 p.m.8 views

SUSE CVE-2026-33435

Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in version 5.17. If developers are unable to update...

8CVSS6.4AI score0.00708EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/16 8:41 p.m.4 views

EUVD-2026-23001

Weblate: Remote code execution during backup restoration...

8CVSS6.2AI score0.00708EPSS
Exploits0References3
OSV
OSV
added 2026/04/15 7:16 p.m.11 views

PYSEC-2026-154

Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in version 5.17. If developers are unable to update...

8CVSS6.4AI score0.00708EPSS
Exploits0References2
PyPA
PyPA
added 2026/04/15 7:16 p.m.12 views

PYSEC-2026-154

Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in version 5.17. If developers are unable to update...

8CVSS6.4AI score0.00708EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/04/15 7:16 p.m.5 views

CVE-2026-33435

Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in version 5.17. If developers are unable to update...

8CVSS0.00708EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.12 views

Weblate 安全漏洞

Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17 contained security vulnerabilities. These vulnerabilities stemmed from the project’s backup files containing unfiltered Git and Mercurial configuration files, which...

8CVSS6.2AI score0.00708EPSS
Exploits0References1
NVD
NVD
added 2026/04/10 2:16 a.m.12 views

CVE-2026-2712

The WP-Optimize plugin for WordPress is vulnerable to unauthorized access of functionality due to missing capability checks in the receiveheartbeat function in includes/class-wp-optimize-heartbeat.php in all versions up to, and including, 4.5.0. This is due to the Heartbeat handler directly...

5.4CVSS0.00427EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/04/09 9:18 a.m.3 views

CVE-2026-34178

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An...

9.1CVSS5.5AI score0.00424EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/06 11:25 p.m.5 views

SUSE CVE-2026-33026

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4...

9.4CVSS5.7AI score0.00328EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.5 views

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access (cisco-sa-nd-cbid-5YqkOSHu)

According to its self-reported version, Cisco Nexus Dashboard is affected by a vulnerability. - A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References3
OSV
OSV
added 2026/04/02 6:42 p.m.5 views

GO-2026-4903 nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI

nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI...

9.4CVSS5.9AI score0.00328EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29916

The restoreTenant admin mutation is missing from the authorization middleware config admin.go:499-522, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication, restoreTenant executes with zero middleware. This mutation accepts...

10CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29946

nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI...

5.8AI score
Exploits0References3
NVD
NVD
added 2026/04/01 10:16 p.m.3 views

CVE-2026-34563

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when handling backup uploads and processing backup metadata. An...

9.1CVSS0.00269EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/01 6:36 p.m.2 views

EUVD-2026-17935

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 5:28 p.m.4 views

CVE-2026-20042

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS0.00293EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 4:27 p.m.3 views

CVE-2026-20042 Cisco Nexus Dashboard Configuration REST API Unauthorized Access Vulnerability

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 4:27 p.m.63 views

CVE-2026-20042

The CVE-2026-20042 issue affects Cisco Nexus Dashboard’s configuration backup feature. The root cause is that authentication details are stored in encrypted backup files, and an attacker with a valid backup file and the encryption password can decrypt the backup to retrieve sensitive information....

6.5CVSS6.1AI score0.00293EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.15 views

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References1
Rows per page
Query Builder