Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-46068

Name of the Vulnerable Software and Affected Versions Active IQ Config Advisor version 6.7.3 Description Hard-coded credentials exist within the software, which could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. Recommendations At the moment,...

8.8CVSS5.8AI score0.00237EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/13 8:46 p.m.10 views

EUVD-2026-30175

CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw into the Invoice Editor. The next time any admin clicks Print on any order, the rendered template is written to files/print..php. files/.htaccess ships an explicit allow from all...

7.2CVSS5.8AI score0.00306EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.8 views

PT-2026-40814

Name of the Vulnerable Software and Affected Versions CubeCart versions prior to 6.7.3 Description An administrator with documents edit permission can save raw PHP code into the Invoice Editor. When any administrator clicks Print on an order, the rendered template is written to files/print..php...

7.2CVSS5.8AI score0.00306EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/04 4:22 a.m.4 views

Interpretation Conflict

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Interpretation Conflict via the file upload process. An attacker can cause files to be served with an unintended Content-Typ...

5.4CVSS5.9AI score0.00162EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.13 views

CVE-2026-27888

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...

8.7CVSS5.7AI score0.00348EPSS
Exploits1References5
CVE
CVE
added 2025/12/18 7:22 a.m.14 views

CVE-2025-64223

CVE-2025-64223 affects the WordPress PenNews plugin/theme and is a PHP Local File Inclusion vulnerability caused by improper control of the filename for include/require. The issue affects PenNews versions older than 6.7.3. Metrics indicate a high-severity impact (CVSS 3.1: base score 8.1) with ne...

8.1CVSS6.7AI score0.00415EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

DEBIAN-CVE-2022-50673

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4orphancleanup I caught a issue as follows: ================================================================== BUG: KASAN: use-after-free in listaddvalid+0x28/0x1a0 Read of size 8 at addr...

5.5AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.5 views

PT-2024-28743

Name of the Vulnerable Software and Affected Versions Qt versions prior to 5.15.18 Qt versions 6.x prior to 6.2.13 Qt versions 6.3.x through 6.5.x prior to 6.5.7 Qt versions 6.6.x through 6.7.x prior to 6.7.3 Description An issue was discovered in HTTP2 in Qt where code to make security-relevant...

9.8CVSS7.5AI score0.01324EPSS
Exploits1References147
OSV
OSV
added 2020/04/29 4:15 p.m.1 views

UBUNTU-CVE-2020-12458

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information e.g., cleartext or encrypted datasource passwords...

5.5CVSS6.8AI score0.00465EPSS
Exploits1References4
Rows per page
Query Builder