Lucene search
K

78 matches found

OSV
OSV
added 2026/03/13 6:58 p.m.3 views

GHSA-9VVH-2768-C8VP OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists

Summary In affected versions of openclaw, Discord reaction ingestion for guild channels did not enforce the same member users and roles allowlist checks used for normal inbound guild messages. A non-allowlisted guild member could still trigger reaction events that were accepted and queued as...

5.4CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/13 6:58 p.m.14 views

OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists

Summary In affected versions of openclaw, Discord reaction ingestion for guild channels did not enforce the same member users and roles allowlist checks used for normal inbound guild messages. A non-allowlisted guild member could still trigger reaction events that were accepted and queued as...

5.8AI score
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2000-0636

Malware in sbrugna...

7.5CVSS6.4AI score0.07068EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0165

Malware in sbrugna...

7.7CVSS7.4AI score0.01065EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-45647

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00374EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/01 10:34 a.m.6 views

Malicious code in guild-rotator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a65fe418eb6f3e397826f4b880e1a87b1966ddc4813ed73c05697b831d23e31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/07/01 10:34 a.m.3 views

MAL-2025-5500 Malicious code in guild-rotator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a65fe418eb6f3e397826f4b880e1a87b1966ddc4813ed73c05697b831d23e31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:40 a.m.4 views

CVE-2024-51850

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.6 views

CVE-2020-27384

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...

7.8CVSS6.9AI score0.0032EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 2:58 p.m.7 views

CVE-2020-15278

Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...

7.7CVSS6.9AI score0.01065EPSS
Exploits0
NVD
NVD
added 2024/11/19 5:15 p.m.8 views

CVE-2024-51850

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...

6.5CVSS0.00374EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.40 views

CVE-2024-51850

CVE-2024-51850 is a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WoW Guild Armory Roster (bchristopeit) affecting versions 0.5.5 and earlier. The issue arises from improper neutralization of user input during web page generation, enabling stored XSS via input that is re...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:31 p.m.10 views

CVE-2024-51850 WordPress WoW Guild Armory Roster plugin <= 0.5.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...

6.5CVSS8.6AI score0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 4:31 p.m.15 views

CVE-2024-51850 WordPress WoW Guild Armory Roster plugin <= 0.5.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...

6.5CVSS0.00374EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.2 views

WordPress plugin WoW Guild Armory Roster 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS7.6AI score0.00374EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/08 2:8 p.m.3 views

WordPress WoW Guild Armory Roster plugin <= 0.5.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WoW Guild Armory Roster versions = 0.5.5...

6.5CVSS6.1AI score0.00374EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.8 views

WordPress WoW Guild Armory Roster Plugin <= 0.5.5 is vulnerable to Cross Site Scripting (XSS)

Software WoW Guild Armory Roster Type Plugin Vulnerable versions = 0.5.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51850 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 56dc451178b5 Credits SOPROBRO Required privilege...

6.5CVSS6.9AI score0.00374EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/03 7:1 p.m.9 views

CVE-2024-45307 SudoBot missing authorization check in `-config` command

SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the -config command in versions prior to 9.26.7. Anyone is theoretically able to update any configuration of the bot and potentially gain control over the bot's settings. Every version of v9 before v9.26.7 is...

8.8CVSS8AI score0.00299EPSS
Exploits0References2
CVE
CVE
added 2024/09/03 7:1 p.m.57 views

CVE-2024-45307

SudoBot (Discord moderation bot) contains a privilege escalation flaw in the -config command due to missing authorization checks. Any user could update bot configurations and potentially take control of settings on affected installations. Affected versions are all v9 before 9.26.7; v8 and newer 9...

9.8CVSS9.5AI score0.00299EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.174 views

Guild FTPd 0.999.8.11/0.999.14 Heap Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...

10CVSS7AI score0.60692EPSS
Exploits2
Rows per page
Query Builder