Lucene search
K

4 matches found

CVE
CVE
added 2026/02/25 2:19 a.m.16 views

CVE-2026-27610

In Parse Dashboard, versions 7.3.0-alpha.42 through 9.0.0-alpha.7 have a vulnerability where the ConfigKeyCache uses the same cache key for both the master key and the read-only master key when resolving function-typed keys. Under specific timing conditions, this can allow a read-only user to obt...

7CVSS5.4AI score0.00337EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/05/02 8:15 a.m.20 views

Design/Logic Flaw

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files...

5CVSS7.5AI score0.00738EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/10 12:0 a.m.43 views

Download Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure

The plugin leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files. PoC - Create a password protected package containing one or more files. - Navigate to the download page of the package e.g. /download/package1 -...

7.5CVSS7.7AI score0.00738EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2015/03/23 12:0 a.m.5 views

PT-2016-1330 · Openssl +6 · Openssl +7

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8zf OpenSSL versions prior to 1.0.0r OpenSSL versions prior to 1.0.1m OpenSSL versions prior to 1.0.2a Description: The issue allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS...

10CVSS8.7AI score0.98685EPSS
Exploits3References166
Rows per page
Query Builder