9 matches found
CVE-2026-4683
The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...
CVE-2026-4683 Smartcat Translator for WPML <= 3.1.77 - Missing Authorization to Unauthenticated Plugin Settings Update
The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...
EUVD-2024-15855
Malicious code in bioql PyPI...
CVE-2024-0052
In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0052
In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...
PT-2022-5533 · D Link · D-Link Dir-1935
Name of the Vulnerable Software and Affected Versions: D-Link DIR-1935 version 1.03 Description: The issue is related to the handling of SetStaticRouteIPv4Settings requests in the web management portal, specifically when parsing subelements within the StaticRouteIPv4Data element. The process does...
UBUNTU-CVE-2021-3761
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network for example AS 13335 - Cloudflare prior to launching a BGP hijack which...
Washington State Marijuana Tracking System Hacked to Steal Route Data
By Waqas Problems for Washington Marijuana Industry Twofold After New Marijuana-Tracking Software This is a post from HackRead.com Read the original post: Washington State Marijuana Tracking System Hacked to Steal Route Data...