CVE-2026-2306

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to unauthorized database table creation due to missing authorization checks on the createFluentCartTable function in all versions up to, and including, 5.2.6. This makes it possible for authenticated attackers, with...

CVE-2026-2306

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to unauthorized database table creation due to missing authorization checks on the createFluentCartTable function in all versions up to, and including, 5.2.6. This makes it possible for authenticated attackers, with...

CVE-2026-2306 Ninja Tables <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table Creation

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to unauthorized database table creation due to missing authorization checks on the createFluentCartTable function in all versions up to, and including, 5.2.6. This makes it possible for authenticated attackers, with...

CVE-2026-2306

The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to unauthorized database table creation due to missing authorization checks on the createFluentCartTable function in all versions up to, and including, 5.2.6. This makes it possible for authenticated attackers, with...

CVE-2025-13753

CVE-2025-13753 refers to the WP Table Builder – Drag & Drop Table Builder plugin for WordPress. The issue is an incorrect authorization check on save_table() , enabling authenticated users with Subscriber+ privileges to create new wptb-table posts in versions up to and including 2.0.19. The Wordf...

EUVD-2017-10166

Malware in sbrugna...

EUVD-2024-42141

Malicious code in bioql PyPI...

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

Dust: Unauthorized Table Creation by Member

A member user was able to create tables inside restricted company data spaces, despite the UI indicating that only workspace builders admins should be allowed. The "Add Data" button appeared disabled in the UI, but it was still interactable and functional, allowing the member to successfully crea...

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

CVE-2024-46897

Affected software: Exment (web app). Vulnerability: CVE-2024-46897 is an Incorrect Permission Assignment for a Critical Resource affecting Exment versions 6.1.4 and earlier and 5.0.11 and earlier. A logged-in user with the permission to manage tables may access and/or modify information in unauth...

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

Security Bulletin: Infosphere BigInsights is affected by a vulnerability in DB2 that allows users to truncate any table even though the owner of the table has not granted any privilege to any user/role/group (CVE-2015-5020).

Summary Infosphere BigInsights is affected by a vulnerability in DB2 that allows users to truncate any table even though the owner of the table has not granted any privilege to any user/role/group. CVE-2015-5020. The vulnerability exists in the Big SQL server component included in BigInsights...

SuSE 10 Security Update : MySQL (ZYPP Patch Number 5618)

Empty bit-strings in a query could crash the MySQL server. CVE-2008-3963 Due to another flaw users could access tables of other users. CVE-2008-4097 / CVE-2008-4098 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...

DSA-1413-1 mysql - multiple

Bulletin has no description...

mysql -- erroneous access restrictions applied to table renames

A Red Hat advisory reports: Oleksandr Byelkin discovered that "ALTER TABLE ... RENAME" checked the CREATE/INSERT rights of the old table instead of the new one. Table access restrictions, on the affected MySQL servers, may accidently or intentially be bypassed due to this bug...

[SECURITY] New version of nis released

The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems: ypserv allowed any machine in the NIS domain to insert new tables rpc.yppasswd had a bufferoverflow in its MD5 code rpc.yppasswd allowed users to change the GECOS and loginshell entries of other users This ha...