Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/04/21 7:6 p.m.30 views

CVE-2026-40870 Decidim's comments API allows access to all commentable resources

Decidim is a participatory democracy framework. Starting in version 0.0.1 and prior to versions 0.30.5 and 0.31.1, the root level commentable field in the API allows access to all commentable resources within the platform, without any permission checks. All Decidim instances are impacted that hav...

7.5CVSS0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/21 7:27 p.m.6 views

CVE-2025-55734

flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page,...

6.9CVSS7.2AI score0.00341EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/01/18 4:9 a.m.3 views

SUSE CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

5.3CVSS7AI score0.00822EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.2 views

SUSE CVE-2019-15734

An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did not have permission to access these...

4.3CVSS4.7AI score0.00973EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/06/15 12:0 a.m.43 views

WordPress Multiple Vulnerabilities (Jun 2020) - Windows

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

6.8CVSS5.3AI score0.03625EPSS
Exploits0References4
Rows per page
Query Builder