Lucene search
K

7 matches found

EUVD
EUVD
added 2026/06/26 10:59 p.m.8 views

EUVD-2026-39492

pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...

7.3CVSS5.8AI score0.0027EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:50 p.m.6 views

CVE-2026-50573

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm install in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the...

6.8CVSS5.9AI score0.00113EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.15 views

PT-2025-49879

Cross-Site Request Forgery CSRF vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through = 10.30.3...

8.8CVSS6.9AI score0.00139EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.4 views

PT-2023-14300 · Gx · Xperiencentral

Name of the Vulnerable Software and Affected Versions: GX Software XperienCentral versions 10.36.0 and earlier Description: The issue allows unauthorized users to post data to the server by sending POST requests to the /web/mvc endpoint if they can bypass other security filters. Recommendations:...

6.5CVSS6.5AI score0.00392EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.6 views

PT-2023-14175 · WordPress · Subscribe2

Name of the Vulnerable Software and Affected Versions: Subscribe2 WordPress plugin versions prior to 10.38 Description: The issue allows attackers to make a logged-in admin delete arbitrary users by knowing their email via a CSRF attack, due to the lack of a CSRF check when deleting users...

3.1CVSS7.3AI score0.00238EPSS
Exploits1References4
OSV
OSV
added 2021/07/12 11:15 a.m.4 views

CVE-2021-35037

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

6.1CVSS5.8AI score0.00587EPSS
Exploits0References2
CNVD
CNVD
added 2020/02/17 12:0 a.m.4 views

PCRE Buffer Overflow Vulnerability

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A buffer overflow vulnerability exists in versions of PCRE prior to 10.34. The vulnerability stems from a networked system or product...

7.5CVSS8.7AI score0.01561EPSS
Exploits1References1
Rows per page
Query Builder