
14 matches found

EUVD
added 2026/03/25 6:31 p.m. · 3 views

EUVD-2026-15651

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NooTheme Jobmonster noo-jobmonster allows Blind SQL Injection. This issue affects Jobmonster: from n/a through 4.8.4...

5.9 AI score · 0.00283 EPSS
Exploits: 0 · References: 2
CVE
added 2026/03/25 4:14 p.m. · 13 views

CVE-2026-25340

CVE-2026-25340 affects WordPress/NooTheme Jobmonster plugin/theme versions prior to 4.8.4. The issue is an SQL Injection (Blind) caused by improper neutralization of SQL commands, enabling an attacker to perform blind queries. Exposure is described as affecting Jobmonster from unspecified version...

9.3 CVSS · 5.9 AI score · 0.00283 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2026/03/07 7:59 a.m. · 5 views

CVE-2026-27605

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the application allows uploading files (project logos) without validating the file type or content. It trusts the extension provided by the user...

6.3 CVSS · 5.7 AI score · 0.00211 EPSS
Exploits: 1 · References: 1
Cvelist
added 2026/03/06 4:07 a.m. · 28 views

CVE-2026-27603 Chartbrew: Unauthenticated Chart Filter Endpoint: POST /project/:project_id/chart/:chart_id/filter missing verifyToken + checkPermissions

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the chart filter endpoint POST /project/:project_id/chart/:chart_id/filter is missing both verifyToken and checkPermissions middleware, allowing...

8.7 CVSS · 0.0042 EPSS
Exploits: 1 · References: 2
Patchstack
added 2025/09/25 11:38 p.m. · 4 views

WordPress ShopEngine plugin <= 4.8.3 - Insufficient Authorization to Authenticated (Editor+) Settings Update vulnerability

Insufficient Authorization to Authenticated (Editor+) Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin ShopEngine (versions <= 4.8.3)...

2.7 CVSS · 6.8 AI score · 0.00208 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
RedHat Linux
added 2025/09/15 8:25 a.m. · 4 views

Moderate: Red Hat Security Advisory: RHACS 4.8.4 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS), which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

9.4 CVSS · 6.8 AI score · 0.01735 EPSS
Exploits: 1 · References: 3
IBM Security Bulletins
added 2025/08/27 2:39 a.m. · 3 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in axios-1.6.1.tgz

Summary: IBM watsonx Orchestrate Cartridge contains a vulnerable version of axios-1.6.1.tgz. Vulnerability Details: CVEID: CVE-2025-27152. DESCRIPTION: axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to...

8.7 CVSS · 9.2 AI score · 0.00759 EPSS
Exploits: 1 · Affected Software: 1
OSV
added 2024/06/24 10:15 p.m. · 2 views

UBUNTU-CVE-2023-45195

Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4...

6.9 CVSS · 5.8 AI score · 0.00412 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2024/04/24 12:00 a.m. · 3 views

PT-2024-24052 · Unknown · Roamwifi R10

Name of the Vulnerable Software and Affected Versions: RoamWiFi R10 versions prior to 4.8.45. Description: The issue is related to active debug code, allowing a network-adjacent unauthenticated attacker with access to the device to perform unauthorized operations. Recommendations: For RoamWiFi R10...

8.8 CVSS · 7.2 AI score · 0.00326 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2023/03/29 12:00 a.m. · 5 views

PT-2023-2254 · Samba +6 · Samba +6

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.6.16; Samba versions prior to 4.7.9; Samba versions prior to 4.8.4; Samba versions prior to 4.9.7. Description: The issue is related to insufficient protection of service data, which may allow a remote attacker to disclo...

9.8 CVSS · 6.4 AI score · 0.74265 EPSS
Exploits: 14 · References: 140
CNNVD
added 2021/02/01 12:00 a.m. · 8 views

Atlassian Fisheye and Crucible Information Disclosure Vulnerabilities

Atlassian Fisheye and Crucible are both products of Atlassian Australia. Atlassian Fisheye is a suite of source code deep viewing software. Crucible is a suite of code review tools. A security vulnerability exists in versions of Atlassian Fisheye and Crucible prior to 4.8.4 that allows remote...

4.3 CVSS · 5.9 AI score · 0.00868 EPSS
Exploits: 0 · References: 3
OSV
added 2020/11/25 10:15 p.m. · 3 views

CVE-2020-14191

Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within Atlassian Gadgets. The affected versions are before version 4.8.4...

7.5 CVSS · 7.2 AI score · 0.01212 EPSS
Exploits: 0 · References: 2
OSV
added 2018/12/11 5:29 p.m. · 4 views

DEBIAN-CVE-2018-19968

An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has...

6.5 CVSS · 9.2 AI score · 0.03254 EPSS
Exploits: 0 · References: 1
OSV
added 2018/08/14 12:00 a.m. · 3 views

UBUNTU-CVE-2018-10918

A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable...

6.5 CVSS · 6.7 AI score · 0.02546 EPSS
Exploits: 0 · References: 4