Lucene search
K

12 matches found

OSV
OSV
added 2026/05/18 1:26 p.m.11 views

CLEANSTART-2026-AN27706 Security fixes for CVE-2026-22815, CVE-2026-30922, CVE-2026-31958, CVE-2026-32597, CVE-2026-33175, CVE-2026-34052, CVE-2026-34073, CVE-2026-34513, CVE-2026-34514, CVE-2026-34515, CVE-2026-34516, CVE-2026-34517, CVE-2026-34518, CVE-2026-34519, CVE-2026-34520, CVE-2026-34525, CVE-2026-44431, CVE-2026-44432, ghsa-752w-5fwx-jx9f, ghsa-78cv-mqj4-43f7, ghsa-gc5v-m9x4-r6x2, ghsa-jr27-m4p2-rc6r, ghsa-m959-cc7f-wv43, ghsa-qjxf-f2mg-c6mc applied in versions: 4.3.2-r0, 4.3.2-r1, 4.3.2-r2, 4.3.2-r3

Multiple security vulnerabilities affect the jupyterhub-k8s-hub package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS7.3AI score0.0068EPSS
Exploits2References43
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40268

WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...

9.3CVSS5.8AI score0.00434EPSS
Exploits0References3
CVE
CVE
added 2026/03/13 11:42 a.m.10 views

CVE-2026-32447

The CVE concerns the WordPress Atarim plugin (atarim-visual-collaboration) with versions up to and including 4.3.2. The issue is a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling unauthorized exposure or actions. Affected scope: Atarim...

4.3CVSS5.8AI score0.00159EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/12 2:22 a.m.6 views

EUVD-2026-11509

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions in the SendEmailAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catchlpajax dispatcher verifies a...

4.3CVSS5.9AI score0.002EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:35 p.m.4 views

CVE-2026-27327

Missing Authorization vulnerability in YayCommerce YayMail – WooCommerce Email Customizer yaymail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayMail – WooCommerce Email Customizer: from n/a through = 4.3.2...

5.5AI score0.002EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.8 views

PT-2026-20294

The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized license key deletion due to a missing authorization check on the /yaymail-license/v1/license/delete REST endpoint in versions up to, and including, 4.3.2. This makes it possible for authenticated...

5.3CVSS5.5AI score0.00307EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.10 views

WordPress plugin Edwiser Bridge has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.8AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:12 a.m.2 views

CVE-2025-66125 WordPress Ultimate Auction plugin <= 4.3.3 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimate-auction allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Auction : from n/a through = 4.3.3...

5.3CVSS5.2AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 5:36 p.m.18 views

CVE-2025-31116

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in validhost uses socket.gethostbyname, which is vulnerable to SSRF abuse using DNS rebinding technique. This...

9.8CVSS7.1AI score0.00712EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/03/29 12:0 a.m.4 views

PT-2025-04: Partial Denial of Service (DoS) in Mobile Security Framework (MobSF)

The vulnerability was identified in Mobile Security Framework MobSF , versions 4.3.0. The discovered vulnerability allows an attacker to modify the Info.plist file and add special characters to the bundle identifier, resulting in a denial of service 500 error of the application. Vulnerability...

4.8CVSS6.6AI score0.00448EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.5 views

Flask-AppBuilder 安全漏洞

Flask-AppBuilder is a simple and fast application development framework. A security vulnerability exists in Flask-AppBuilder versions prior to 4.3.2, which can be exploited by an attacker to trigger a database error by adding special characters to the Add, Edit user form...

2.7CVSS4.9AI score0.00676EPSS
Exploits0References5
CNVD
CNVD
added 2018/08/01 12:0 a.m.5 views

Apple iOS, tvOS and watchOS Kernel Local Information Disclosure Vulnerability

Apple iOS, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. kernel is one of the kernel components. A security vulnerability exists in the Kernel componen...

5.5CVSS6.4AI score0.00349EPSS
Exploits0References1
Rows per page
Query Builder