Lucene search
K

11 matches found

NVD
NVD
added 2026/06/17 1:19 p.m.7 views

CVE-2025-69162

Unauthenticated Local File Inclusion in Grecko = 5.17 versions...

8.1CVSS0.00435EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-33212

Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to given scope. The attacker needs to brute-force the random UUID of the task, so...

3.1CVSS5.5AI score0.00221EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/16 11:28 p.m.6 views

SUSE CVE-2026-34244

Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...

5CVSS5.8AI score0.0024EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/16 8:43 p.m.4 views

Incorrect Authorization

Overview weblate is an A web-based continuous localization system with tight version control integration Affected versions of this package are vulnerable to Incorrect Authorization in the user API endpoint due to insufficient restriction on the scope of edits. An attacker can gain elevated...

8.8CVSS5.8AI score0.00391EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/16 8:43 p.m.3 views

Server-side Request Forgery (SSRF)

Overview weblate is an A web-based continuous localization system with tight version control integration Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the project.edit permission. A user can access internal network resources and obtain up to 200 character...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

Weblate 安全漏洞

Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17 contained security vulnerabilities. These vulnerabilities stemmed from the task API not verifying user access permissions, which could allow unauthorized users to...

3.1CVSS5.8AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/24 2:32 a.m.23 views

CVE-2025-13942

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17ABUP.15.1C0 could allow a remote attacker to execute operating system OS commands on an affected device by sending specially crafted UPnP SOAP requests...

9.8CVSS0.0106EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/31 8:32 a.m.6 views

WordPress Ninja Tables plugin < 5.0.17 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by tnt24 in WordPress Plugin Ninja Tables versions 5.0.17...

6.1CVSS6.1AI score0.0032EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2022/10/21 8:50 p.m.6 views

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS via excess memory...

7.5CVSS7.1AI score0.05041EPSS
Exploits0References2
OSV
OSV
added 2022/03/10 5:44 p.m.3 views

UBUNTU-CVE-2022-0433

A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the mapgetnextkey function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1...

5.5CVSS6.7AI score0.00287EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.3 views

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the file package in the Gentoo Linux operating system up to version 5.17 can lead to the compromise of protected information. This vulnerability can be exploited remotely...

5CVSS7.3AI score0.0507EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder