Lucene search
K

11 matches found

NVD
NVD
added 2026/06/15 9:17 p.m.6 views

CVE-2026-48873

Unauthenticated Broken Access Control in Montonio for WooCommerce = 10.1.2 versions...

7.5CVSS0.00238EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/15 10:21 a.m.6 views

CVE-2026-40744

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...

5.9AI score0.0022EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/02 6:31 p.m.3 views

EUVD-2025-209190

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

7.5CVSS5.8AI score0.00428EPSS
Exploits0References2
OSV
OSV
added 2026/04/02 5:16 p.m.2 views

DEBIAN-CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

7.5CVSS7.6AI score0.00673EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 3:55 p.m.14 views

CVE-2025-65114 Apache Traffic Server: Malformed chunked message body allows request smuggling

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

0.00428EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 3:54 p.m.14 views

CVE-2025-58136 Apache Traffic Server: A simple legitimate POST request causes a crash

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

0.00673EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/03/11 6:15 p.m.2 views

CVE-2025-24451

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00236EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/03/11 6:15 p.m.1 views

CVE-2025-24450

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00236EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/11/17 6:15 a.m.3 views

CVE-2023-38316

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can execute arbitrary OS commands by inserting them into the URL portion of HTTP GET requests. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt...

9.8CVSS7.7AI score0.01083EPSS
Exploits0References4
OSV
OSV
added 2023/11/17 6:15 a.m.1 views

UBUNTU-CVE-2023-38315

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a trytoauthenticate NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing client token query string parameter. Triggering this issue results in crashing OpenNDS a Denial-of-Service...

7.5CVSS7.1AI score0.00964EPSS
Exploits0References4
OSV
OSV
added 2023/11/17 6:15 a.m.2 views

UBUNTU-CVE-2023-38313

An issue was discovered in OpenNDS Captive Portal before 10.1.2. it has a dobinauth NULL pointer dereference that can be triggered with a crafted GET HTTP request with a missing client redirect query string parameter. Triggering this issue results in crashing openNDS a Denial-of-Service condition...

7.5CVSS7.1AI score0.00956EPSS
Exploits0References4
Rows per page
Query Builder