Lucene search
K

9 matches found

EUVD
EUVD
added 2026/06/29 1:36 p.m.7 views

EUVD-2026-40112

Unauthenticated Insecure Direct Object References IDOR in Colissimo Officiel : Méthodes de livraison pour WooCommerce = 2.9.0 versions...

6.5CVSS5.8AI score0.00258EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 7:21 p.m.10 views

CVE-2026-55583

Twenty, before version 2.9.0, is affected by a cross-workspace insecure direct object reference in the AI agent monitor’s Resolver (agent-turn.resolver.ts). The query paths agentTurns(agentId) and evaluateAgentTurn(turnId) retrieved rows by agentId or id without restricting workspaceId, and guard...

7.6CVSS5.9AI score0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 4:6 a.m.10 views

CVE-2026-26236 QuMagie

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later...

8.7CVSS5.5AI score0.00322EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free remote desktop protocol library and client. Versions of FreeRDP affected by this issue lack input length validation in the “drive” channel. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and sending it back to the server. This issue has been...

4.6CVSS5.9AI score0.00719EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/24 6:0 a.m.11 views

CVE-2024-14015 Studiocart <= 2.9.0 - Reflected XSS

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00368EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/09/16 10:30 p.m.5 views

clip-jax (=0.0.5) potentially affected by CVE-2022-35984 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35984 Source advisory: OSV:GHSA-P2XF-8HGM-HPW5...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 10:14 p.m.6 views

clip-jax (=0.0.5) potentially affected by CVE-2022-35964 via tensorflow-cpu (=2.9.0)

tensorflow-cpu PYPI version =2.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - clip-jax =0.0.5 Source cves: CVE-2022-35964 Source advisory: OSV:GHSA-F7R5-Q7CX-H668...

7.5CVSS7.1AI score0.00409EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/16 9:19 p.m.6 views

aliby (>=0.1.18 <=0.1.55), aliby-baby (>=0.1.11 <=0.1.17) +29 more potentially affected by CVE-2022-35987 via tensorflow (>=2.9.0 <=2.9.0rc2)

tensorflow PYPI version =2.9.0, =0.1.18, =0.1.11, =0.30.0, =0.0.0, =1.3.0, =0.3.0, =1.0.1, =1.2.0, =0.0.6, =1.0.12, =0.1.0, =0.1.1 and more Source cves: CVE-2022-35987 Source advisory: OSV:GHSA-W62H-8XJM-FV49...

7.5CVSS7.1AI score0.00396EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.10 views

CVE-2022-24701

An issue was discovered in WinAPRS 2.9.0. A buffer overflow in national.txt processing allows a local attacker to cause a denial of service or possibly achieve code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

7.8CVSS6.1AI score0.00455EPSS
Exploits1References3
Rows per page
Query Builder