Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-48988

Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description When the SiteSetting.tags listed by group setting is enabled, the DetailedTagSerializertag group names function returns all tag...

5.3CVSS5.2AI score0.00216EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of untrusted inputs during the tag group synchronization process. It could allow...

6.1CVSS6AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-36564

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00598EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.8 views

CVE-2021-43792

Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group e.g. staff to view certain tags. Users who were tracking or watching th...

4.3CVSS6.7AI score0.0083EPSS
Exploits0
OSV
OSV
added 2024/08/01 11:18 a.m.16 views

BIT-DISCOURSE-2024-37299 Discourse vulnerable to DoS via Tag Group

Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5...

7.5CVSS5.8AI score0.00598EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/30 2:22 p.m.34 views

CVE-2024-37299 Discourse vulnerable to DoS via Tag Group

Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5...

4.9CVSS0.00598EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/30 2:22 p.m.16 views

CVE-2024-37299 Discourse vulnerable to DoS via Tag Group

Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, crafting requests to submit very long tag group names can reduce the availability of a Discourse instance. This vulnerability is fixed in 3.2.5 and 3.3.0.beta5...

4.9CVSS6.6AI score0.00598EPSS
Exploits0References3
CVE
CVE
added 2024/07/30 2:22 p.m.57 views

CVE-2024-37299

Discourse (open source forum platform) is vulnerable to DoS via crafting very long tag group names. Affects versions prior to 3.2.5 and 3.3.0.beta5; the issue reduces availability of a Discourse instance. Remediation: upgrade to 3.2.5 or 3.3.0.beta5 (fixed in those releases). Public details in th...

7.5CVSS4.9AI score0.00598EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.6 views

Discourse 安全漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse that stems from the fact that writing requests that submit very long tag group names may reduce the...

7.5CVSS6.6AI score0.00598EPSS
Exploits0References4
OSV
OSV
added 2017/08/02 5:29 a.m.3 views

CVE-2017-12199

The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogueupdateorder list-item, videoupdateorder video-item, imageupdateorder list-item, taggroupupdateorder listitem, categoryproductsupdateorder...

9.8CVSS5.9AI score0.01828EPSS
Exploits1References1
Rows per page
Query Builder