13 matches found
CVE-2026-48832
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...
[SECURITY] [DSA 6296-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6296-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 25, 2026 https://www.debian.org/security/faq -...
CVE-2026-48832
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...
CVE-2026-48832
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...
CVE-2026-33869
Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.5.x branch prior to 4.5.8 and on the 4.4.x branch prior to 4.4.15, an attacker that knows of a quote before it has reached a server can prevent it from being correctly processed on that server. The...
EUVD-2026-16785
Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.5.x branch prior to 4.5.8 and on the 4.4.x branch prior to 4.4.15, an attacker that knows of a quote before it has reached a server can prevent it from being correctly processed on that server. The...
PT-2026-28106
Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.5.8 Mastodon versions prior to 4.4.15 Mastodon versions prior to 4.3.21 Description Mastodon, a free and open-source social network server based on ActivityPub, contains an unauthenticated Open Redirect issue in th...
CVE-2023-41892
Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15...
PT-2023-5849
Name of the Vulnerable Software and Affected Versions Craft CMS versions prior to 4.4.15 Description This is a high-impact, low-complexity attack vector. Craft CMS is a platform for creating digital experiences. The issue is related to improper code generation control, which can allow a remote...
CVE-2023-40035 Craft CMS vulnerable to Remote Code Execution via validatePath bypass
Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable...
CVE-2023-40035 Craft CMS vulnerable to Remote Code Execution via validatePath bypass
Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable...
CVE-2023-40035 Craft CMS vulnerable to Remote Code Execution via validatePath bypass
Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable...
phpMyAdmin 4.0.10.x < 4.0.10.18 / 4.4.15.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Vulnerabilities
Binary data 9830.prm...