11 matches found
EUVD-2026-36948
Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...
WordPress Easy Digital Downloads plugin <= 3.6.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Easy Digital Downloads versions = 3.6.5...
UBUNTU-CVE-2026-25834
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...
CVE-2026-28411 WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)`
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...
EUVD-2017-16954
Malware in sbrugna...
CVE-2023-47507
Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue affects Master Slider Pro: from n/a through 3.6.5...
Design/Logic Flaw
A vulnerability was found in Moodle where javaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...
DEBIAN-CVE-2020-5211
In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems...
DEBIAN-CVE-2020-5210
In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence...
UBUNTU-CVE-2020-5213
In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to...
Joomla! cross-site scripting vulnerability (CNVD-2017-06581)
Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A cross-site scripting vulnerability exists in Joomla! versions 3.2.0 through 3.6.5. The vulnerability arises due to insufficient escaping of file a...