
10 matches found

ATTACKERKB
added 4 days ago · 6 views

CVE-2026-54261

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, due to a missing permission check on the image preview endpoint, a user with access to the Wagtail admin can preview any image. The existing data of the image object itself is not...

CVSS 6.5 · AI score 5.6 · EPSS 0.00201
Exploits 0 · References 2 · Affected Software 1
Malwarebytes
added 2026/04/07 10:45 a.m. · 8 views

Support platform breach exposes Hims & Hers customer data

Healthcare companies handle some of the most personal data imaginable. That makes them a magnet for hackers. And when those companies outsource their customer support to third-party platforms, every one of those platforms becomes another door someone can try to kick in. Telehealth giant Hims & He...

AI score 5.8
Exploits 0
EUVD
added 2025/12/19 9:29 a.m. · 6 views

EUVD-2025-204523

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This...

CVSS 4.3 · AI score 5 · EPSS 0.00208
Exploits 0 · References 4
NVD
added 2025/10/22 4:15 p.m. · 7 views

CVE-2025-62607

Nautobot Single Source of Truth SSoT is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access this page to view the Service Now public instance name e.g. companyname.service-now.com. This is considered low-value information. This does not expose the Secret, the...

CVSS 5.3 · EPSS 0.00268
Exploits 0 · References 3
OSV
added 2025/04/28 9:31 a.m. · 5 views

GHSA-RC42-6C7J-7H5R Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

EndpointRequest.to creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You use Spring Security EndpointRequest.to has been used in a Spri...

CVSS 7.3 · AI score 7 · EPSS 0.00358
Exploits 0 · References 4
Spring Security Advisories
added 2025/04/24 12:0 a.m. · 9 views

Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

EndpointRequest.to creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You are not affected if any of the following is true:...

CVSS 7.3 · AI score 6.9 · EPSS 0.00358
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2022/09/14 12:0 a.m. · 6 views

PT-2022-7401 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.3 Description: The issue concerns the exposure of private information defined in the setup of GLPI, such as smtp or cas hosts, to unauthorized individuals. This exposure can be exploited remotely, allowing attacker...

CVSS 10 · AI score 6.3 · EPSS 0.99628
Exploits 40 · References 205
The Hacker News
added 2018/08/24 10:55 a.m. · 4 views

T-Mobile Hacked — 2 Million Customers' Personal Data Stolen

T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of "some" personal information of up to 2 million T-Mobile customers. The leaked information includes customers' name, billing zip code, phone number, email...

AI score 6.4
Exploits 0
UbuntuCve
added 2015/10/06 5:59 p.m. · 21 views

CVE-2015-3862

mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22954006...

CVSS 5 · AI score 5.9 · EPSS 0.00463
Exploits 0 · References 3
RedHat Linux
added 2014/07/22 5:59 p.m. · 3 views

Mozilla: Out of bounds write in NSPR (MFSA 2014-55)

An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version o...

CVSS 10 · AI score 7.3 · EPSS 0.06381
Exploits 0 · References 5