Lucene search
K

649 matches found

EUVD
EUVD
added 2026/05/19 10:28 p.m.12 views

EUVD-2026-31001

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer shared with them, related to but not fully fixed by the prior...

5.7CVSS5.8AI score0.00267EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/14 3:27 a.m.65 views

CVE-2026-7648 LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.5 - Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment via 'quantity' Parameter

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, whi...

4.3CVSS0.00423EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.17 views

PT-2026-40851

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, whi...

4.3CVSS5.8AI score0.00423EPSS
Exploits0References9
Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.20 views

2026-05 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 (KB5087052)

2026-05 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 KB5087052...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.41 views

May 12, 2026-KB5087066 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server 2019

May 12, 2026-KB5087066 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server 2019 Release Date: May 12, 2026 Version: .NET Framework 3.5 and 4.8 The May 12, 2026 update for Windows 10, version 1809 and Windows Server 2019 includes security and cumulative...

7.3CVSS5.9AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 12:0 a.m.19 views

May 12, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5088860)

May 12, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB5088860 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...

7.3CVSS5.9AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 12:0 a.m.41 views

May 12, 2026-KB5087077 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 (build 28000) and later

May 12, 2026-KB5087077 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 build 28000 and later Release Date: May 12, 2026 Version: .NET Framework 3.5 The May 12, 2026 update installs the complete .NET Framework 3.5 product for Windows 11, version 26H1 build version 28000 and...

7.3CVSS5.8AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 12:0 a.m.23 views

May 12, 2026-KB5088859 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2

May 12, 2026-KB5088859 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 Release Date: May 12, 2026 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2...

7.3CVSS5.8AI score0.00662EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37961

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...

5.3CVSS6.5AI score0.01058EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/05 7:34 p.m.19 views

EUVD-2026-27091

Prometheus: Remote read endpoint allows denial of service via crafted snappy payload...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/04 8:11 p.m.5 views

CVE-2026-42222

Nginx UI is a web user interface for the Nginx web server. In version 2.3.5, an unauthenticated bootstrap takeover exists in nginx-ui during the initial installation window exposed by POST /api/install. At time of publication no public patches are available...

8.1CVSS5.8AI score0.00339EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 6:13 p.m.8 views

CVE-2026-42154

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a sma...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/27 12:0 a.m.15 views

CVE-2026-38934

CVE-2026-38934 affects diskoverdata diskover-community v2.3.5 and earlier. The issue is a Cross-Site Request Forgery vulnerability in public/settings_process.php that permits a remote attacker to escalate privileges and access sensitive information. The CVE details provide a high-severity impact ...

8.8CVSS5.3AI score0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 12:0 a.m.11 views

CVE-2026-38935

A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...

6.1CVSS4.8AI score0.00194EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/27 12:0 a.m.31 views

CVE-2026-38934

Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settingsprocess.php...

0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 6:49 p.m.6 views

EUVD-2026-25612

4ga Boards is a boards system for realtime project management. Prior to 3.3.5, 4ga Boards is vulnerable to user enumeration via a timing side-channel in the login endpoint POST /api/access-tokens. When an invalid username/email is provided, the server responds immediately 17ms average. When a val...

5.3CVSS5.3AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-35063

Name of the Vulnerable Software and Affected Versions 4ga Boards versions prior to 3.3.5 Description 4ga Boards is a boards system for realtime project management. The software allows user enumeration through a timing side-channel in the login endpoint '/api/access-tokens'. The server responds...

5.3CVSS5.2AI score0.00197EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/23 4:0 a.m.4 views

CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

3.2CVSS5.7AI score0.00138EPSS
Exploits0References2
Microsoft Security Update
Microsoft Security Update
added 2026/04/14 5:0 p.m.20 views

2026-04 .NET Framework 3.5 Security Update (KB5084165)

2026-04 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 for arm64...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/04/14 5:0 p.m.8 views

2026-04 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5084067)

2026-04 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 KB5084067...

5.8AI score
Exploits0
Rows per page
Query Builder