Lucene search
K

12 matches found

NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-39595

Author Broken Access Control in W3 Total Cache = 2.9.1 versions...

4.7CVSS0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-45413

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwords are stored using unsalted MD5 hashes, making them trivially crackable via rainbow tables or GPU-accelerated brute force hashcat. This vulnerability is fixed in 2.9.1...

6.9CVSS5.5AI score0.00083EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 8:12 p.m.37 views

CVE-2026-45413 MaxKB: Unsalted MD5 Password Hashing

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwords are stored using unsalted MD5 hashes, making them trivially crackable via rainbow tables or GPU-accelerated brute force hashcat. This vulnerability is fixed in 2.9.1...

6.9CVSS0.00083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.10 views

CVE-2026-27384

Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through = 2.9.1...

9CVSS5.8AI score0.00304EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/02/20 8:26 p.m.257 views

Exploit for CVE-2025-2304

CVE-2025-2304-Camaleon-C...

9.4CVSS5.3AI score0.00566EPSS
Exploits17
CVE
CVE
added 2026/02/09 7:16 p.m.33 views

CVE-2026-25057

CVE-2026-25057 affects MarkUs prior to version 2.9.1. Instructors can upload a zip file to create an assignment from an exported configuration, and the zip entry names are used to construct paths for writing files to disk without validating those paths. This can allow arbitrary path usage during ...

9.1CVSS5.6AI score0.00469EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.8 views

MarkUs 安全漏洞

MarkUs is an open-source Ruby on Rails and React web application used for submitting and grading student assignments. Versions of MarkUs prior to 2.9.1 contained a security vulnerability due to insufficient file path checking, which could allow arbitrary file writing...

9.1CVSS5.9AI score0.00469EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 7:41 a.m.5 views

CVE-2019-19664

A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html...

7.1CVSS7AI score0.00372EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.6 views

laravel-filemanager 代码注入漏洞

laravel-filemanager is an open source tool from UniSharp. A security vulnerability exists in laravel-filemanager versions prior to 2.9.1 that stems from vulnerability to remote code execution attacks and allows attackers to execute malicious code...

9.8CVSS7.8AI score0.0128EPSS
Exploits1References4
PyPA
PyPA
added 2024/05/14 4:17 p.m.10 views

PYSEC-2024-264

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs.Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS6AI score0.01559EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/09 12:0 a.m.9 views

PT-2023-15896 · Kaltura · Kaltura Mwembed

Name of the Vulnerable Software and Affected Versions: kaltura mwEmbed versions up to 2.91 Description: A problem was found in the Share Plugin component, specifically in the file modules/KalturaSupport/components/share/share.js. The issue allows for cross site scripting through the manipulation ...

4.7CVSS4AI score0.00555EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2021/04/28 12:0 a.m.12 views

PT-2021-23681 · Babel +8 · Babel +8

Name of the Vulnerable Software and Affected Versions: Babel versions prior to 2.9.1 Description: The issue is related to errors in input validation when handling directory traversal sequences in locale .dat files within Babel.Locale. This can allow an attacker to load arbitrary locale .dat files...

9.8CVSS7.1AI score0.35963EPSS
Exploits8References145
Rows per page
Query Builder