Lucene search
K

14 matches found

SUSE CVE
SUSE CVE
added 2026/04/16 11:28 p.m.6 views

SUSE CVE-2026-33214

Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been fixed in version 5.17. If users are unable to update immediately, they can work around this issue b...

4.3CVSS5.7AI score0.00236EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 7:53 p.m.11 views

CVE-2026-31970

Summary: HTSlib’s GZI index loading path (bgzf_index_load_hfile) may overflow a heap buffer due to an integer overflow, causing a heap buffer overflow. This can crash the application, corrupt data, or potentially allow arbitrary code execution when a crafted GZI file is opened. Affected component...

8.1CVSS6.4AI score0.00451EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/29 9:21 p.m.7 views

CVE-2026-21865

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, moderators can convert some personal messages to public topics when they shouldn't have access. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0. As a...

6.5CVSS5.7AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/26 4:6 p.m.51 views

CVE-2025-57813 Insertion of Sensitive Information into Log File in github.com/traPtitech/traQ

traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an...

5.9CVSS0.00388EPSS
Exploits0References3
NVD
NVD
added 2025/05/30 6:15 a.m.18 views

CVE-2025-48881

Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all objects for which an object-management configuration exists can be listed, viewed, edited, created or deleted by unauthorised users. If...

8.3CVSS0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.5 views

PT-2025-5189 · Unknown · Menus Plus+

Name of the Vulnerable Software and Affected Versions: Menus Plus+ versions 1.9.6 and earlier Description: The issue is related to improper neutralization of special elements used in an SQL command, which allows SQL Injection. This means that an attacker could potentially inject malicious SQL cod...

8.5CVSS9.6AI score0.00454EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/03 12:0 a.m.4 views

PT-2024-9578 · Ruijie · Ruijie Reyee Os

Name of the Vulnerable Software and Affected Versions: Ruijie Reyee OS versions 2.206.x through 2.319.x Description: The issue is related to a weak credential mechanism used in the Ruijie Reyee OS, which could allow an attacker to easily calculate MQTT credentials. This could potentially permit a...

8.7CVSS7AI score0.00474EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.5 views

PT-2024-33408 · Sourcecodester · Sourcecodester Simple Online Bidding System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=save product. This issue...

9.8CVSS7.5AI score0.00787EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.6 views

PT-2024-24000 · Solwin Infotech · Solwin Infotech User Activity Log

Name of the Vulnerable Software and Affected Versions: Solwin Infotech User Activity Log versions 1.8 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation b...

7.6CVSS9.9AI score0.00515EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.5 views

PT-2023-10581 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub. Specially crafted commands sent through the PubNub service can cause a...

9.9CVSS8.9AI score0.00673EPSS
Exploits0References4
OSV
OSV
added 2022/05/24 7:19 p.m.1 views

GHSA-929W-Q433-4H9X Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins

The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...

9CVSS7.2AI score0.01505EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/04/08 12:0 a.m.5 views

PT-2021-4584 · Exiv2 +8 · Exiv2 +8

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27.3 Description: The issue is related to an integer overflow in the CrwMap::encode0x1810 function of Exiv2, which can be exploited by attackers to trigger a heap-based buffer overflow, causing a denial of service DOS via...

7.8CVSS6.2AI score0.04296EPSS
Exploits11References174
Positive Technologies
Positive Technologies
added 2009/10/16 12:0 a.m.5 views

PT-2009-5970 · Httpdx · Httpdx

Name of the Vulnerable Software and Affected Versions: httpdx versions 1.4 through 1.4.3 Description: The issue is a stack-based buffer overflow in the h handlepeer function, located in http.cpp. This can be triggered by remote attackers sending a long HTTP GET request, potentially causing a deni...

10CVSS7.2AI score0.63909EPSS
Exploits3References12
Packet Storm
Packet Storm
added 2007/05/08 12:0 a.m.1576 views

ag-traverse.txt

netVigilance Security Advisory 13 Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability Description: Advanced Guestbook is a PHP-based guestbook script. It includes many useful features such as preview, templates, e-mail notification, picture upload, page spanning , html tags handlin...

5.1CVSS6.7AI score0.07506EPSS
Exploits2
Rows per page
Query Builder