Lucene search
+L

355 matches found

Patchstack
Patchstack
added 2026/02/18 8:58 p.m.9 views

WordPress Booking Calendar plugin <= 10.14.14 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Settings Modification vulnerability

Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary User Settings Modification vulnerability discovered by Tarcísio Luchesi De Almeida Silva Poystick in WordPress Plugin Booking Calendar versions = 10.14.14...

4.3CVSS5.5AI score0.0019EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/29 2:28 p.m.6 views

CVE-2020-37007

Liman 0.7 contains a cross-site request forgery vulnerability that allows attackers to manipulate user account settings without proper request validation. Attackers can craft malicious HTML forms to change user passwords or modify account information by tricking logged-in users into submitting...

5.3CVSS5.8AI score0.00162EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:12 a.m.11 views

CVE-2022-0815

Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed...

7.5CVSS7AI score0.00982EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/22 3:24 p.m.5 views

CVE-2025-68384

A flaw was found in Elasticsearch. A low-privileged authenticated user can cause an excessive memory allocation via submission of oversized user settings data, resulting in a denial of service. Mitigation To mitigate this issue, make sure that only necessary and trusted users have authentication...

6.5CVSS6.2AI score0.0028EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/12/19 12:31 a.m.12 views

Elasticsearch has Excessive Allocation of Resources via Submission of Oversized User Settings Data

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...

6.5CVSS6.7AI score0.0028EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2025/12/18 8:46 p.m.5 views

Cross-site Scripting (XSS)

Overview Kentico.Xperience.Libraries.Web.UI is a runtime assemblies for Web Forms applications that use Kentico Xperience API Affected versions of this package are vulnerable to Cross-site Scripting XSS via the SaveUserSpecificDashboardSettings method in the UserSettingsJsonDashboardItemsLoader...

6.1CVSS5.3AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.14 views

PT-2025-51869

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.5.3 Description ChurchCRM is an open-source church management system. A SQL injection issue exists in the src/UserEditor.php file. When an administrator saves a user’s configuration settings, the keys of the type...

7.2CVSS7.8AI score0.00359EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11675

Malware in sbrugna...

8.8CVSS8.6AI score0.00644EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1120

Malware in sbrugna...

10CVSS9.5AI score0.01252EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-17489

Malware in sbrugna...

8.8CVSS8.8AI score0.02712EPSS
Exploits5References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-21891

Malware in sbrugna...

6.8CVSS4.9AI score0.00886EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-5501

Malware in sbrugna...

4.3CVSS6.4AI score0.02532EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2019-7295

Malware in sbrugna...

7.8CVSS7.6AI score0.04731EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-1097

Malware in sbrugna...

6.8CVSS6.4AI score0.00785EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5985

Malware in sbrugna...

5.5CVSS6.4AI score0.01177EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2017-10618

Malware in sbrugna...

4.3CVSS4.8AI score0.01226EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19517

Malware in sbrugna...

7.3CVSS6.3AI score0.00603EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-18313

Malware in sbrugna...

8.8CVSS8.8AI score0.02401EPSS
Exploits5References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0403

Malware in sbrugna...

8.8CVSS8.6AI score0.0199EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-8295

Malware in sbrugna...

4.4CVSS4.8AI score0.00538EPSS
Exploits2References5
Rows per page
Query Builder