Lucene search
K

753 matches found

Cvelist
Cvelist
added 2026/03/25 12:31 a.m.22 views

CVE-2026-20692

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content...

0.00424EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/03/23 6:32 p.m.242 views

Exploit for CVE-2024-2473

CVE-2024-2473 — WPS Hide Login Page Identifier A profession...

5.3CVSS5.8AI score0.01235EPSS
Exploits1
NVD
NVD
added 2026/03/21 12:16 a.m.4 views

CVE-2026-33425

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private group by observing changes in directory results when using the excludegroups parameter. Versions...

6.9CVSS0.00207EPSS
Exploits0References1
OSV
OSV
added 2026/03/20 11:12 p.m.7 views

CVE-2026-33425 Discourse has inferable private group membership or existence via exclude_groups parameter

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private group by observing changes in directory results when using the excludegroups parameter. Versions...

6.9CVSS5.9AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/19 9:52 p.m.6 views

EUVD-2026-13332

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, when a user has hideprofile enabled, their bio, location, and website were still exposed through the user onebox preview. An authenticated user could request a onebox for a hidden user's...

4.3CVSS5.8AI score0.00302EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/18 10:12 a.m.4 views

WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Or Benit in WordPress Plugin Hide My WP Ghost versions 7.0.00...

5.9AI score0.00201EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/02/25 9:26 a.m.13 views

CVE-2026-2410

CVE-2026-2410 refers to the WordPress plugin Disable Admin Notices – Hide Dashboard Notifications, vulnerable to Cross-Site Request Forgery (CSRF) up to version 1.4.2. The issue arises from missing nonce validation in the showPageContent() function, enabling unauthenticated attackers to craft req...

4.3CVSS5.5AI score0.00131EPSS
Exploits0References4
CVE
CVE
added 2026/02/23 7:41 p.m.23 views

CVE-2026-21863

Valkey (distributed key-value DB) contains a bug in the clusterbus packet processing: before reading a clusterbus ping extension, the code may read outside the buffer if an invalid packet is sent to the clusterbus port. This can be exploited by a malicious actor with access to the clusterbus port...

7.5CVSS5.7AI score0.00552EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/02/16 4:30 p.m.3 views

BIT-GITLAB-2026-1094 Improper Validation of Unsafe Equivalence in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...

4.6CVSS5.6AI score0.00162EPSS
Exploits0References4
OSV
OSV
added 2026/02/14 2:2 a.m.6 views

MAL-2026-898 Malicious code in magicwolf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.5AI score
Exploits0References6
OSV
OSV
added 2026/02/11 12:16 p.m.3 views

UBUNTU-CVE-2026-1094

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...

4.6CVSS5.8AI score0.00162EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/02/11 11:4 a.m.6 views

CVE-2026-1094

Removed by vendor...

4.6CVSS5.8AI score0.00162EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.9 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Prior to GitLab CE/EE 18.8.4, there was a security vulnerability. This...

4.6CVSS5.9AI score0.00162EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.3 views

CVE-2026-1094

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...

4.6CVSS5.9AI score0.00162EPSS
Exploits0References4
NVD
NVD
added 2026/02/05 12:15 a.m.5 views

CVE-2019-25273

Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...

8.5CVSS0.0015EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.8 views

Edelino Commerce Easy-Hide-IP 代码问题漏洞

Edelino Commerce Easy-Hide-IP is a VPN proxy software developed by Edelino Commerce. Version 5.0.0.3 of Edelino Commerce Easy-Hide-IP contains a code vulnerability. This vulnerability stems from service paths in the EasyRedirect service that are not enclosed in quotes, allowing local attackers to...

8.5CVSS7.7AI score0.0015EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/04 11:15 p.m.33 views

CVE-2019-25273 Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path

Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...

8.5CVSS0.0015EPSS
Exploits0References3
CVE
CVE
added 2026/02/04 11:15 p.m.12 views

CVE-2019-25273

CVE-2019-25273 affects Easy-Hide-IP 5.0.0.3, where the EasyRedirect service runs from an unquoted Windows service path: C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe. This unquoted path can be exploited by local attackers to inject malicious executables and escalate privileges. The provided ...

8.5CVSS5.7AI score0.0015EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/04 11:15 p.m.4 views

CVE-2019-25273

Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...

8.5CVSS5.7AI score0.0015EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/04 11:15 p.m.2 views

CVE-2019-25273 Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path

Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...

8.5CVSS5.7AI score0.0015EPSS
Exploits0References3
Rows per page
Query Builder