753 matches found
CVE-2026-20692
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content...
Exploit for CVE-2024-2473
CVE-2024-2473 — WPS Hide Login Page Identifier A profession...
CVE-2026-33425
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private group by observing changes in directory results when using the excludegroups parameter. Versions...
CVE-2026-33425 Discourse has inferable private group membership or existence via exclude_groups parameter
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private group by observing changes in directory results when using the excludegroups parameter. Versions...
EUVD-2026-13332
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, when a user has hideprofile enabled, their bio, location, and website were still exposed through the user onebox preview. An authenticated user could request a onebox for a hidden user's...
WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability
Open Redirection vulnerability discovered by Or Benit in WordPress Plugin Hide My WP Ghost versions 7.0.00...
CVE-2026-2410
CVE-2026-2410 refers to the WordPress plugin Disable Admin Notices – Hide Dashboard Notifications, vulnerable to Cross-Site Request Forgery (CSRF) up to version 1.4.2. The issue arises from missing nonce validation in the showPageContent() function, enabling unauthenticated attackers to craft req...
CVE-2026-21863
Valkey (distributed key-value DB) contains a bug in the clusterbus packet processing: before reading a clusterbus ping extension, the code may read outside the buffer if an invalid packet is sent to the clusterbus port. This can be exploited by a malicious actor with access to the clusterbus port...
BIT-GITLAB-2026-1094 Improper Validation of Unsafe Equivalence in Input in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...
MAL-2026-898 Malicious code in magicwolf (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...
UBUNTU-CVE-2026-1094
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...
CVE-2026-1094
Removed by vendor...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Prior to GitLab CE/EE 18.8.4, there was a security vulnerability. This...
CVE-2026-1094
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...
CVE-2019-25273
Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...
Edelino Commerce Easy-Hide-IP 代码问题漏洞
Edelino Commerce Easy-Hide-IP is a VPN proxy software developed by Edelino Commerce. Version 5.0.0.3 of Edelino Commerce Easy-Hide-IP contains a code vulnerability. This vulnerability stems from service paths in the EasyRedirect service that are not enclosed in quotes, allowing local attackers to...
CVE-2019-25273 Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path
Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...
CVE-2019-25273
CVE-2019-25273 affects Easy-Hide-IP 5.0.0.3, where the EasyRedirect service runs from an unquoted Windows service path: C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe. This unquoted path can be exploited by local attackers to inject malicious executables and escalate privileges. The provided ...
CVE-2019-25273
Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...
CVE-2019-25273 Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path
Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...