Lucene search
K

5 matches found

CNNVD
CNNVD
added 2026/01/16 12:0 a.m.5 views

WeGIA input validation error vulnerability

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter, which could lead to...

6.1CVSS5.8AI score0.00212EPSS
Exploits1References4
OSV
OSV
added 2025/11/25 10:3 p.m.6 views

JLSEC-2025-237 In libarchive before 3.6.2, the software does not check for an error after calling calloc function t...

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...

9.8CVSS7AI score0.01936EPSS
Exploits0References13
ATTACKERKB
ATTACKERKB
added 2021/11/19 7:20 p.m.4 views

CVE-2021-23433

The package algoliasearch-helper before 3.6.2 are vulnerable to Prototype Pollution due to use of the merge function in src/SearchParameters/index.jsSearchParameters.parseNumbers without any protection against prototype properties. Note that this vulnerability is only exploitable if the...

9.8CVSS5.6AI score0.01561EPSS
Exploits1References4
CNVD
CNVD
added 2020/06/22 12:0 a.m.5 views

Unspecified Vulnerability in Mattermost Server

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in the WebSocket functionality in Mattermost Server versions prior to 3.6.2, which stems from the program not following the same-origin policy. No details of the...

9.8CVSS6.8AI score0.01239EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/18 12:0 a.m.3 views

Bolt CMS Cross-Site Scripting Vulnerability (CNVD-2019-05670)

Bolt is a simple CMS written in PHP. A cross-site scripting vulnerability exists in Bolt CMS versions prior to 3.6.2, which can be exploited by remote attackers to inject arbitrary web script or HTML via the preview function in text input pages...

6.1CVSS7.8AI score0.03466EPSS
Exploits5References1
Rows per page
Query Builder