Lucene search
K

8 matches found

NVD
NVD
added 2026/06/09 11:17 p.m.10 views

CVE-2026-9741

A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of...

7.1CVSS0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/30 5:3 p.m.2 views

CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sccompacttlvfindtag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag high nibble and value length low nibble. With a 1-byte buffer 0x0A, the encoded element claims tag=0...

3.9CVSS5.9AI score0.00282EPSS
Exploits1References3
OSV
OSV
added 2026/01/29 8:16 p.m.5 views

AZL-76457 CVE-2025-63651 affecting package fluent-bit 3.0.6-6

A use-after-free in the mkstringcharsearch function mkcore/mkstring.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

7.5CVSS5.8AI score0.00904EPSS
Exploits1References1
OSV
OSV
added 2025/10/16 8:0 p.m.4 views

GHSA-WVPG-4WRH-5889 PrestaShop Checkout Target PayPal merchant account hijacking from backoffice

Impact Wrong usage of the PHP arraysearch allows bypass of validation. Patches The problem has been patched in versions: - v4.4.1 for PrestaShop 1.7 build number: 7.4.4.1 - v4.4.1 for PrestaShop 8 build number: 8.4.4.1 - v5.0.5 for PrestaShop 1.7 build number: 7.5.0.5 - v5.0.5 for PrestaShop 8...

3.8CVSS6.9AI score0.00246EPSS
Exploits0References3
OSV
OSV
added 2025/10/16 5:33 p.m.5 views

CVE-2025-61924 PrestaShop Checkout Target PayPal merchant account hijacking from backoffice

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, the Target PayPal merchant account hijacking from backoffice due to wrong usage of the PHP arraysearch. The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known...

3.8CVSS6.8AI score0.00246EPSS
Exploits0References3
OSV
OSV
added 2022/03/15 9:10 a.m.23 views

ALSA-2022:0889 Low: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: double free of the virtual attribute context in persistent search...

7.5CVSS7.5AI score0.01983EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2015/07/27 8:30 a.m.10 views

allrecipes.com XSS vulnerability

Vulnerable URL: http://allrecipes.com/search/default.aspx?qt=k="'"=r=Home"...

6.9AI score
Exploits0
Atlassian
Atlassian
added 2014/10/01 1:24 a.m.18 views

Confluence search returns results from Questions, eventhough CQ does not have anonymous "can-use" permissions

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47841. panel h4.Steps to Reproduce: Install CQ "1.0.618" or "1.0.618.001" Make sure that CQ does not have anonymous access Brows...

1.6AI score
Exploits0
Rows per page
Query Builder