CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8 matches found

Github Security Blog•added 2026/04/09 8:28 p.m.•5 views

Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users

Summary Users with the Guest role could receive private sub-object data e.g. private alternate names, private addresses, private note/citation/media handles through list API endpoints such as GET /api/people/, GET /api/places/, GET /api/events/, and all other object list endpoints. This does not...

Exploits0References3Affected Software1

Snyk•added 2026/04/09 8:28 p.m.•2 views

Information Exposure

Overview gramps-webapi is an A RESTful web API for the Gramps genealogical database. Affected versions of this package are vulnerable to Information Exposure in the iter process. An attacker can access private sub-object data attached to otherwise-public objects by querying list API endpoints as ...

6.9CVSS5.8AI score

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2011-0027

Malware in sbrugna...

9.3CVSS6.4AI score0.01098EPSS

Exploits8References9

NVD•added 2011/10/10 10:55 a.m.•20 views

CVE-2011-4030

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...

9.3CVSS6.4AI score0.01098EPSS

Exploits8References5

OSV•added 2011/10/10 10:55 a.m.•6 views

PYSEC-2011-27

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...

Exploits0References5

Prion•added 2011/10/10 10:55 a.m.•25 views

Design/Logic Flaw

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...

9.3CVSS6.8AI score0.90462EPSS

Exploits15References5Affected Software2

PyPA•added 2011/10/10 10:55 a.m.•5 views

PYSEC-2011-27

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...

9.3CVSS7.1AI score0.90462EPSS

Exploits15References5Affected Software1

Cvelist•added 2011/10/10 10:0 a.m.•24 views

CVE-2011-4030

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...

6.4AI score0.01098EPSS

Exploits8References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by