Lucene search
K

823 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.12 views

CVE-2024-41565

JustEnoughItems JEI 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication...

5.3CVSS6.8AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:4 a.m.5 views

CVE-2024-41564

EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication...

5.3CVSS6.8AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.26 views

CVE-2024-39895

Directus is a real-time API and App dashboard for managing SQL database content. A denial of service DoS attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single...

6.5CVSS7.3AI score0.00795EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.6 views

CVE-2021-41117

keypair is a a RSA PEM key generator written in javascript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This wou...

9.1CVSS7.1AI score0.02993EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/08 4:18 p.m.5 views

EUVD-2026-1517

This vulnerability allows a Backup or Tape Operator to write files as root...

9CVSS6.4AI score0.00608EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 2:58 p.m.2 views

EUVD-2026-1571

An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5...

7.3CVSS6.1AI score0.00111EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/06 6:31 a.m.3 views

EUVD-2026-1083

Not used...

6.4AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.4 views

EUVD-2026-0110

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2025/12/24 12:30 p.m.3 views

EUVD-2025-205127

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix iwlmvmmaxamsdusize for MLO For MLO, we cannot use vif-bssconf.chandef.chan-band, since that will lead to a NULL-ptr dereference as bssconf isn't used. However, in case of real MLO, we also need to take both LMA...

6AI score0.00022EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/16 1:57 p.m.30 views

CVE-2025-68215 ice: fix PTP cleanup on driver removal in error path

In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...

0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/13 9:41 a.m.5 views

CVE-2025-14074

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

5.3CVSS5.5AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/12/12 10:15 a.m.4 views

CVE-2025-14074

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

4.3CVSS0.00207EPSS
Exploits0References4
CVE
CVE
added 2025/12/12 9:20 a.m.20 views

CVE-2025-14074

CVE-2025-14074 concerns the WordPress plugin PDF for Contact Form 7 + Drag and Drop Template Builder. Public sources confirm a vulnerability where an authenticated user (Subscriber or higher) can trigger unauthorized post duplication due to a missing capability check in the rednumber_duplicate fu...

4.3CVSS5.1AI score0.00207EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/12 9:20 a.m.5 views

CVE-2025-14074 PDF for Contact Form 7 + Drag and Drop Template Builder <= 6.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Duplication

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

4.3CVSS5.6AI score0.00207EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/12 9:20 a.m.8 views

EUVD-2025-203072

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

5.3CVSS5AI score0.00207EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/12 9:20 a.m.33 views

CVE-2025-14074 PDF for Contact Form 7 + Drag and Drop Template Builder <= 6.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Duplication

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumberduplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

4.3CVSS0.00207EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/12/12 12:19 a.m.7 views

WordPress PDF for Contact Form 7 + Drag and Drop Template Builder plugin <= 6.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Duplication vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Post Duplication vulnerability discovered by Legion Hunter in WordPress Plugin PDF for Contact Form 7 versions = 6.3.3...

5.3CVSS6.8AI score0.00207EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.11 views

PT-2025-50912

The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to unauthorized post duplication due to a missing capability check on the 'rednumber duplicate' function in all versions up to, and including, 6.3.3. This makes it possible for authenticated attackers,...

5.3CVSS5.5AI score0.00207EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/10 12:26 a.m.7 views

SUSE CVE-2025-40338

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

5.2CVSS6.6AI score0.00188EPSS
Exploits0References20
CVE
CVE
added 2025/12/09 5:23 p.m.12 views

CVE-2025-13924

CVE-2025-13924 affects Advanced Product Fields (Product Addons) for WooCommerce. The vulnerability is a Cross-Site Request Forgery due to missing/incorrect nonce validation on the maybe_duplicate function, allowing unauthenticated attackers to duplicate and publish product field groups (including...

4.3CVSS4.9AI score0.00129EPSS
Exploits0References3
Rows per page
Query Builder