CVE-2026-34743 affecting package rust for versions less than 1.75.0-28

CVE-2026-34743 affecting package rust for versions less than 1.75.0-28. A patched version of the package is available...

CVE-2025-68671

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

CVE-2025-68671 lakeFS is Missing Timestamp Validation in S3 Gateway Authentication

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

CVE-2025-68671 lakeFS is Missing Timestamp Validation in S3 Gateway Authentication

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

CVE-2025-68671

lakeFS - S3 gateway vulnerability: missing timestamp validation in authenticated requests allows replay attacks. Attackers can reuse valid signed requests until credentials rotate; impact is limited to replay of previously captured requests. Affected: lakeFS S3 gateway; root cause is lack of time...

lakeFS is Missing Timestamp Validation in S3 Gateway Authentication

Impact LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. An attacker who captures a valid signed request e.g., through network interception, logs, or compromised systems can replay that request until credentials are rotated, even after the reques...

CVE-2025-58000

Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...

CVE-2025-58000

Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...

CVE-2025-58000 WordPress Memberful plugin <= 1.75.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in memberful Memberful - Membership Plugin memberful-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberful - Membership Plugin: from n/a through = 1.75.0...

WordPress plugin Memberful 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2025-53605 affecting package rust for versions less than 1.75.0-17

CVE-2025-53605 affecting package rust for versions less than 1.75.0-17. A patched version of the package is available...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the improper handling of concurrently active streams per connection. An attacker can cause resource exhaustion and disrupt service availability by rapidly sending crafted...

AZL-65565 CVE-2025-53605 affecting package rust for versions less than 1.75.0-17

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

CVE-2024-31852 affecting package rust for versions less than 1.75.0-9

CVE-2024-31852 affecting package rust for versions less than 1.75.0-9. A patched version of the package is available...

CVE-2022-32215 affecting package rust for versions less than 1.75.0-1

CVE-2022-32215 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

CVE-2022-35256 affecting package rust for versions less than 1.75.0-1

CVE-2022-35256 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

CVE-2022-32214 affecting package rust for versions less than 1.75.0-1

CVE-2022-32214 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

CVE-2023-45853 affecting package rust for versions less than 1.75.0-1

CVE-2023-45853 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

CVE-2023-50853

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nasirahmed Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms.This issue affects Advanced Form Integration – Connect WooCommerce and Contact For...

WordPress Advanced Form Integration Plugin <= 1.75.0 is vulnerable to SQL Injection

Software Advanced Form Integration Type Plugin Vulnerable versions = 1.75.0 Fixed in 1.76.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50853 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID b0d2ea2b120c Credits Muhammad Daffa Required privilege...