15 matches found
WordPress OPEN-BRAIN plugin <= 0.5.0 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin OPEN-BRAIN versions = 0.5.0...
CVE-2026-5007
A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component addgitrepository/addtextfile. The manipulation leads to os command injection. The attack needs to be performed locally. The exploit is publicly...
PT-2026-7268
A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer a...
WordPress Pushe Web Push Notification Plugin <= 0.5.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Que Thanh Tuan in WordPress Plugin Pushe Web Push Notification versions = 0.5.0...
Guardrails 安全漏洞
Guardrails is a Python framework open-sourced by Guardrails AI. A security vulnerability exists in Guardrails versions 0.2.9 through 0.5.0 and earlier, which stems from its improper validation of an XML file, such that if a victim loads an XML file containing malicious Python code, the code will ...
PT-2024-10840 · Nescalante · Url-Regex
Name of the Vulnerable Software and Affected Versions: nescalante urlregex versions up to 0.5.0 Description: A vulnerability was found in the nescalante urlregex component, affecting some unknown processing of the file index.js of the Backtracking component. The manipulation leads to inefficient...
PT-2024-28438 · Toy-Blog · Toy-Blog
Name of the Vulnerable Software and Affected Versions: toy-blog versions 0.4.3 through 0.4.14 toy-blog versions prior to 0.4.14 Description: The administrative password is leaked through the command line parameter. This issue was patched in version 0.5.0. Recommendations: For versions 0.4.14 and...
CVE-2023-30226
An issue was discovered in function getgnuverneed in rizinorg Rizin prior to 0.5.0 verneedentry allows attackers to cause a denial of service via crafted elf file...
PT-2023-23710 · Unknown · Fossbilling
Name of the Vulnerable Software and Affected Versions: fossbilling versions prior to 0.5.0 Description: The issue is related to missing authorization in the GitHub repository fossbilling/fossbilling. Recommendations: For versions prior to 0.5.0, update to version 0.5.0 or later to resolve the iss...
PT-2023-23690 · Unknown · Fossbilling
Name of the Vulnerable Software and Affected Versions: fossbilling/fossbilling versions prior to 0.5.0 Description: The issue is related to insufficient granularity of access control. There is no information provided about the estimated number of potentially affected devices worldwide or real-wor...
CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
PT-2023-23702 · Unknown · Fossbilling
Name of the Vulnerable Software and Affected Versions: fossbilling versions prior to 0.5.0 Description: The issue concerns Business Logic Errors in the GitHub repository fossbilling/fossbilling. Recommendations: For versions prior to 0.5.0, update to version 0.5.0 or later to resolve the issue...
CVE-2023-3227
CVE-2023-3227 targets fossbilling/fossbilling with insufficient granularity of access control prior to version 0.5.0. Affected component/condition: access-control checks lacking granularity (per multiple sources). Impact is described as insufficient access control, with remediation recommended to...
UBUNTU-CVE-2020-36627
A vulnerability was found in Macaron i18n. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file i18n.go. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 0.5.0 is able to address this issue. T...
PT-2021-14448 · Xmldom +2 · Xmldom +2
Name of the Vulnerable Software and Affected Versions: xmldom versions 0.4.0 and older Description: The issue arises when xmldom versions 0.4.0 and older fail to correctly preserve system identifiers, FPIs, or namespaces when repeatedly parsing and serializing maliciously crafted documents. This...