Lucene search
K

39 matches found

EUVD
EUVD
added 2026/06/19 7:35 p.m.14 views

EUVD-2026-36542

parse-server: Relation $relatedTo query bypasses protectedFields and owning-object ACL...

6.9CVSS5.8AI score0.00276EPSS
Exploits0References4
CVE
CVE
added 2026/06/12 6:37 p.m.32 views

CVE-2026-53726

Parse Server contains a vulnerability in the relation query operator $relatedTo. Before versions 8.6.80 and 9.9.1-alpha.6, an unauthenticated client with public API credentials could read membership of a Relation field protected by protectedFields or object ACLs, potentially enumerating objects l...

6.9CVSS5.3AI score0.00276EPSS
Exploits0References3
CVE
CVE
added 2026/04/13 4:57 a.m.8 views

CVE-2026-21003

CVE-2026-21003 describes improper input validation of data related to network restrictions before SMR Apr-2026 Release 1, enabling physical attackers to bypass those restrictions. The impact in the provided metrics shows no confidentiality impact, high integrity and availability impact, with phys...

6.8CVSS5.8AI score0.00162EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/13 7:57 a.m.3 views

MINI-858M-99WX-9MRX

Bulletin has no description...

5.9CVSS5.7AI score0.0035EPSS
Exploits0
OSV
OSV
added 2026/03/01 2:23 a.m.3 views

MINI-G4CP-8885-94CP

Bulletin has no description...

7CVSS5.8AI score0.00157EPSS
Exploits0
OSV
OSV
added 2026/01/22 10:16 a.m.4 views

CVE-2025-4763

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows Reflected XSS.This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

6.1CVSS5.8AI score0.00208EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 2:40 p.m.1 views

MINI-58CF-QRX4-9V85

Bulletin has no description...

3.1CVSS6.9AI score0.00521EPSS
Exploits0
OSV
OSV
added 2025/11/05 5:6 p.m.2 views

CGA-QFF9-CVQP-78P6

Bulletin has no description...

5.3CVSS7AI score0.00443EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-2732

Malware in sbrugna...

6.8CVSS6.3AI score0.01034EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/09 11:32 a.m.10 views

CVE-2024-54224 WordPress ElementsReady Addons for Elementor plugin <= 6.4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows DOM-Based XSS.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.7...

6.5CVSS7AI score0.00316EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/06 12:0 a.m.14 views

CVE-2023-27126

The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 EU on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the...

6.8AI score0.0035EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.5 views

SUSE CVE-2009-4538

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537...

10CVSS6.8AI score0.0838EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-11146

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145. Notes: none...

8.5AI score
Exploits0References8
Openbugbounty
Openbugbounty
added 2022/08/15 12:6 p.m.18 views

aterteramo.it Cross Site Scripting vulnerability OBB-2848491

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/06/28 9:7 a.m.15 views

joybike.de Cross Site Scripting vulnerability OBB-2690644

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
ATTACKERKB
ATTACKERKB
added 2022/04/21 11:15 p.m.4 views

CVE-2022-28366

Certain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction PI input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 also...

7.5CVSS7.1AI score0.02114EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/01/24 12:0 a.m.46 views

RHEL 7 : java-11-openjdk (RHSA-2022:0204)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0204 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

5.3CVSS6.5AI score0.08346EPSS
Exploits0References34
Openbugbounty
Openbugbounty
added 2021/11/05 8:50 p.m.11 views

americadourada.ba.gov.br Cross Site Scripting vulnerability OBB-2239270

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2020/11/02 12:0 a.m.5 views

VulnCheck KEV: CVE-2020-14882

Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750...

10CVSS7.7AI score0.99997EPSS
Exploits43References1
Openbugbounty
Openbugbounty
added 2020/08/08 1:30 a.m.11 views

shivanandavidyalaya.org Cross Site Scripting vulnerability OBB-1253609

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Rows per page
Query Builder