23 matches found
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
Insecure Default Initialization of Resource
Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...
EUVD-2026-21791
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
CVE-2026-28553 describes an improper permission control in the theme setting module. The vulnerability is reported as affecting confidentiality with a CVSS v3.1 base score of 6.9 (MEDIUM). Exploitation requires local access and user interaction, with high attack complexity and no privileges requi...
CVE-2022-31757
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality...
EUVD-2025-17089
Malicious code in bioql PyPI...
CVE-2025-48902
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48902
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48902
CVE-2025-48902 affects Huawei HarmonyOS/EMUI and is described as a vulnerability in the setting module leading to potential availability impact. Public documentation in connected sources provides CVSS metrics (AV:L, AC:H, PR:L, UI:R, S:C, C:L/I:L/A:H) and notes exploitation is not detailed in the...
CVE-2025-48902
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48902
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...
Cross site scripting on setting module
Description pimcore is vulnerable to XSS in translate module. Proof of Concept Step to Reproduce. 1. Go to https://11.x-dev.pimcore.fun/admin/ and login. 2. In the left menu bar, go to Settings - Document Types and click on Add button to add a new record. 3. Now click on translate. Add XSS payloa...
CVE-2021-46741
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity...
CVE-2021-46741
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity...
CVE-2021-46741
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity...
PT-2022-12912 · Huawei · Emui +2
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to defects in the basic framework and setting module, which were introduced during the design phase. Successful exploitation of this issue may impact system...
CVE-2022-31757
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality...