6 matches found
SUSE CVE-2022-31022
Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node's filesystem where the bleve index resides, if the user has used bleve's own HTTP bleve/http handlers fo...
WordPress AZIndex plugin <= 0.8.1 - Index Deletion via CSRF vulnerability
Index Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin AZIndex versions = 0.8.1...
CVE-2024-7688 AZIndex <= 0.8.1 - Index Deletion via CSRF
The AZIndex WordPress plugin through 0.8.1 does not have CSRF checks in some places, which could allow attackers to make logged in admin delete arbitrary indexes via a CSRF attack...
CVE-2024-7688 AZIndex <= 0.8.1 - Index Deletion via CSRF
The AZIndex WordPress plugin through 0.8.1 does not have CSRF checks in some places, which could allow attackers to make logged in admin delete arbitrary indexes via a CSRF attack...
SUSE CVE-2018-12378
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2.1...
DEBIAN-CVE-2022-31022
Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node’s filesystem where the bleve index resides, if the user has used bleve’s own HTTP bleve/http handlers fo...