Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/05/15 2:53 p.m.10 views

CVE-2026-45736 ws: Uninitialized memory disclosure

ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1...

4.4CVSS5.8AI score0.00717EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.5 views

Craft CMS SQL注入漏洞

Craft CMS is an open-source content management system developed by Craft CMS. Versions 4.0.0-RC1 to 4.16.17, and 5.0.0-RC1 to 5.8.21 of Craft CMS have SQL injection vulnerabilities. These vulnerabilities stem from improper cleaning of the criteriaorderBy parameter input, which may lead to SQL...

8.8CVSS5.9AI score0.00502EPSS
Exploits1References3
EUVD
EUVD
added 2026/02/08 1:9 a.m.20 views

EUVD-2026-5823

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

8.8CVSS6.1AI score0.00239EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.4 views

CVE-2026-1896

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

6.5CVSS6AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 1:15 a.m.7 views

CVE-2026-1898

A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...

6.3CVSS5.1AI score
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/10/31 2:29 a.m.2 views

SUSE CVE-2020-14888

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS6.5AI score0.02293EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/10/31 2:27 a.m.5 views

SUSE CVE-2021-2055

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS6.5AI score0.02157EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/09/21 10:13 a.m.5 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.8CVSS7.2AI score0.02293EPSS
Exploits0References5
OSV
OSV
added 2020/10/21 3:15 p.m.2 views

UBUNTU-CVE-2020-14771

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: LDAP Auth. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

2.2CVSS6.6AI score0.01278EPSS
Exploits0References4
Rows per page
Query Builder