CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

GiveWP - Missing Authorization to Settings Update

GiveWP plugin through 2.5.9 for WordPress contains an unauthenticated settings change caused by insecure access in includes/gateways/stripe/includes/admin/admin-actions.php, letting attackers modify settings without authentication, exploit requires no authentication. id: CVE-2020-20627 info: name...

5.3CVSS6AI score0.02812EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not clone flow post-action attributes a second time. The code already clones post-action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is an error remaining from the original...

5.8AI score0.00021EPSS

Exploits0References1

NVD•added 2026/04/08 7:16 a.m.•1 views

CVE-2026-3480

The WP Blockade plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 0.9.14. The plugin registers an adminpost action hook 'wp-blockade-shortcode-render' that maps to the rendershortcodepreview function. This function lacks any capability check...

6.5CVSS0.00015EPSS

Exploits0References7

NVD•added 2026/03/24 6:16 p.m.•1 views

CVE-2026-33162

Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...

7.1CVSS0.00013EPSS

Exploits0References3

RedhatCVE•added 2025/12/31 1:58 p.m.•1 views

CVE-2023-54262

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is a erroneous leftover from original...

5.8CVSS5.6AI score0.00021EPSS

Exploits0References4

SUSE CVE•added 2025/12/31 12:27 a.m.•1 views

SUSE CVE-2023-54262

7CVSS6.8AI score0.00021EPSS

Exploits0References6

Tenable Nessus•added 2025/12/31 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another...

7.5AI score0.00021EPSS

Exploits0References3

EUVD•added 2025/12/30 3:30 p.m.•1 views

EUVD-2023-60379

6.3AI score0.00021EPSS

Exploits0References5

NVD•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54262

0.00021EPSS

Exploits0References4

UbuntuCve•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54262

5.7AI score0.00021EPSS

Exploits0References6

OSV•added 2025/12/30 1:16 p.m.•1 views

UBUNTU-CVE-2023-54262

5.7AI score0.00021EPSS

Exploits0References7

Cvelist•added 2025/12/30 12:15 p.m.•19 views

CVE-2023-54262 net/mlx5e: Don't clone flow post action attributes second time

0.00021EPSS

Exploits0References4

CVE•added 2025/12/30 12:15 p.m.•12 views

CVE-2023-54262

CVE-2023-54262 affects the Linux kernel’s mlx5 networking stack (net/mlx5e). The issue arises from cloning flow post-action attributes twice: mlx5e_clone_flow_attr_for_post_act() already clones, and mlx5e_tc_post_act_add() clones again, creating a double-copy that can lead to a use-after-free in ...

6.4AI score0.00021EPSS

Exploits0References4

Debian CVE•added 2025/12/30 12:15 p.m.•2 views

CVE-2023-54262

5.3AI score0.00021EPSS

Exploits0

OSV•added 2025/12/30 12:15 p.m.•1 views

CVE-2023-54262 net/mlx5e: Don't clone flow post action attributes second time

6.7AI score0.00021EPSS

Exploits0References7

Positive Technologies•added 2025/12/30 12:0 a.m.•1 views

PT-2025-54091

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the mlx5e module related to flow post action attributes. The code unnecessarily clones these attributes, leading to a use-after-free condition...

7.8CVSS7.7AI score0.00145EPSS

Exploits2References844

OSV•added 2025/12/24 1:16 p.m.•0 views

UBUNTU-CVE-2023-54074

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of post action infrastructure most of the users of encap attribute had been modified in order to obtain the correct attribute by calling...

5.7AI score0.00024EPSS

Exploits0References5

OSV•added 2025/12/24 12:23 p.m.•3 views

CVE-2023-54074 net/mlx5e: Use correct encap attribute during invalidation

6.3AI score0.00024EPSS

Exploits0References6

Cvelist•added 2025/12/24 12:23 p.m.•24 views

CVE-2023-54074 net/mlx5e: Use correct encap attribute during invalidation

0.00024EPSS

Exploits0References3

CVE•added 2025/12/24 8:2 a.m.•10 views

CVE-2025-64641

Mattermost contains a vulnerability where post actions invoking /share-issue-publicly are not verified to be created by the Jira plugin, enabling a malicious user to exfiltrate Jira tickets when victims interact with affected posts. Affected versions include Mattermost 11.1.x (<=11.1.0), 11.0....

4.1CVSS6.4AI score0.00029EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by