2242 matches found
CVE-2020-1001
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017...
CVE-2020-0940
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1001, CVE-2020-1006, CVE-2020-1017...
CVE-2020-1006
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1017...
Malicious code in @dailyapy-rn/rn-push-provisioning (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2019-10803
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.jsL139". This could be abused by an attacker to inject arbitrary commands...
CVE-2019-15723
An issue was discovered in GitLab Community and Enterprise Edition 11.9.x and 11.10.x before 11.10.1. Merge requests created by email could be used to bypass push rules in certain situations...
Malicious code in safe-array-push (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49e28af59c0738d11c301ca9b1483179a08a52085b83b24da5b9bc0c551ab5cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4017 Malicious code in safe-array-push (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49e28af59c0738d11c301ca9b1483179a08a52085b83b24da5b9bc0c551ab5cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-48127
Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app push-notification-mobile-and-web-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Push notification for Mobile and Web app: from n/a through = 2.0.3...
CVE-2024-6159
The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2025-48127
Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app push-notification-mobile-and-web-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Push notification for Mobile and Web app: from n/a through = 2.0.3...
CVE-2025-48127
CVE-2025-48127 is a Missing Authorization vulnerability in the WordPress plugin Push notification for Mobile and Web app , caused by misconfigured access control. Affected versions are listed as “from n/a through 2.0.3” (no public product/version details provided). The CVSS vector (AV:N/AC:L/PR:N...
WordPress Push notification for Mobile and Web app plugin <= 2.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by ch4r0n in WordPress Plugin Push notification for Mobile and Web app versions = 2.0.3...
WordPress plugin Push notification for Mobile and Web app 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2025-21727 · Unknown · App Cheap Push Notification
Name of the Vulnerable Software and Affected Versions: App Cheap Push notification for Mobile and Web app versions n/a through 2.0.3 Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels...
CVE-2024-6159
The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-6159
The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-6159
The CVE-2024-6159 issue affects the WordPress plugin Push Notification for Post and BuddyPress, vulnerable in all versions prior to 1.9.4 (≤1.93). The root cause is insufficient escaping/sanitization of user-supplied parameters in an AJAX action accessible to unauthenticated users, enabling SQL i...
CVE-2024-6159 Push Notification for Post and BuddyPress <=1.93 - Multiple Unauthenticated SQLi
The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-6159 Push Notification for Post and BuddyPress <=1.93 - Multiple Unauthenticated SQLi
The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...