Lucene search
K

11 matches found

EUVD
EUVD
added 2026/04/02 9:30 a.m.5 views

EUVD-2026-18136

The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...

7.5CVSS5.8AI score0.00956EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 7:39 a.m.3 views

CVE-2026-5032

The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...

7.5CVSS6.4AI score0.00956EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/02 7:39 a.m.1 views

CVE-2026-5032 W3 Total Cache <= 2.9.3 - Unauthenticated Security Token Exposure via User-Agent Header

The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...

7.5CVSS5.8AI score0.00956EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/02 7:39 a.m.32 views

CVE-2026-5032 W3 Total Cache <= 2.9.3 - Unauthenticated Security Token Exposure via User-Agent Header

The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...

7.5CVSS0.00956EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.21 views

PT-2026-29688

Name of the Vulnerable Software and Affected Versions W3 Total Cache versions up to and including 2.9.3 Description The W3 Total Cache plugin for WordPress is susceptible to information disclosure. The plugin bypasses its output buffering and processing when the User-Agent header contains "W3 Tot...

7.5CVSS5.8AI score0.00956EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29425

Malicious code in bioql PyPI...

6.6AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/08/26 6:45 p.m.10 views

GraphQL Armor Max-Depth Plugin Bypass via fragment caching

Summary A query depth restriction using the max-depth can be bypassed if ignoreIntrospection is enabled which is the default configuration by naming your query/fragment schema. Details In the countDepth function, we have the following code that calculates the depth of a used fragment: typescript...

7.1AI score
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/08/26 6:45 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview @escape.tech/graphql-armor-max-depth is a Limit the depth allowed in a GraphQL query. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the countDepth function. An attacker can cause excessive resource consumption by crafting...

6.9CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2025/08/26 6:45 p.m.5 views

GHSA-224P-V68G-5G8F GraphQL Armor Max-Depth Plugin Bypass via fragment caching

Summary A query depth restriction using the max-depth can be bypassed if ignoreIntrospection is enabled which is the default configuration by naming your query/fragment schema. Details In the countDepth function, we have the following code that calculates the depth of a used fragment: typescript...

5.3CVSS7.1AI score
Exploits0References4
securityvulns
securityvulns
added 2001/04/09 12:0 a.m.50 views

Уязвимость ipfilter &#40;fragment caching filter bypass&#41;

При проверке фрагментированного пакета не проверяются порты и флаги пакета, только адреса и ip id, если ip id имеется в кэше...

0.8AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2001/04/07 12:0 a.m.41 views

Serious bug in IPFilter

A VERY serious bug has been brought to my attention in IPFilter. In 10 words or less, fragment caching with can let through "any" packet. Ok, so that's 8. Cause ===== When matching a fragment, only srcip, dstip and IP ID are checked and the fragment cache is checked before any rules are checked. ...

7.3AI score
Exploits0
Rows per page
Query Builder