Lucene search
K

5 matches found

NVD
NVD
added 2026/05/29 4:16 p.m.13 views

CVE-2026-33384

QuickCMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in a patch to version...

4.8CVSS0.00154EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:31 p.m.5 views

CVE-2026-34584

listmonk is a standalone, self-hosted, newsletter and mailing list manager. From version 4.1.0 to before version 6.1.0, bugs in list permission checks allows users in a multi-user environment to access to lists which they don't have access to under different scenarios. This only affects multi-use...

5.4CVSS5.8AI score0.00171EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.8 views

PT-2026-29405

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:46 p.m.2 views

CVE-2026-33765

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The application takes the user-controlled $POST'webtheme' parameter...

9.3CVSS6AI score0.01088EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/25 12:0 a.m.5 views

PT-2025-44019

Name of the Vulnerable Software and Affected Versions Pi-hole Admin Interface versions 6.2.1 and earlier Description The Pi-hole Admin Interface, a web interface for managing the Pi-hole network-level advertisement and internet tracker blocking application, is susceptible to reflected cross-site...

7.5CVSS6.3AI score0.00564EPSS
Exploits2References7
Rows per page
Query Builder