Lucene search
K

9 matches found

Patchstack
Patchstack
added 2026/03/31 10:55 a.m.5 views

WordPress WooPayments plugin <= 10.5.1 - Missing Authorization to Unauthenticated Plugin Settings Update via save_upe_appearance_ajax vulnerability

Missing Authorization to Unauthenticated Plugin Settings Update via saveupeappearanceajax vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WooCommerce Payments versions = 10.5.1...

6.5CVSS5.9AI score0.00267EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/25 6:31 p.m.2 views

EUVD-2026-15483

Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7...

8.8CVSS5.8AI score0.00289EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.5 views

CVE-2026-1712

Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7...

8.8CVSS0.00289EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:56 p.m.23 views

CVE-2026-1712

Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7...

8.8CVSS0.00289EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:56 p.m.8 views

CVE-2026-1712

CVE-2026-1712 describes an incorrect privilege assignment in HYPR Server that enables privilege escalation. The issue affects HYPR Server versions starting at 10.5.1 and prior to 10.7, i.e., 10.5.1 through 10.6.x. The root cause is a faulty privilege allocation mechanism, leading to elevation of ...

8.8CVSS5.8AI score0.00289EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-28065

Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7...

8.8CVSS5.8AI score0.00289EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/04/24 3:24 a.m.2 views

SUSE CVE-2025-24839

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to prevent Wrangler posts from triggering AI responses. This vulnerability allows users without access to the AI bot to activate it by attaching the activateai override property to a post via the Wrangler plugin, provided...

4.3CVSS4AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/04/24 3:24 a.m.1 views

SUSE CVE-2025-32093

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the "Edit Other Users" permission to perform unauthorized modifications to system...

4.9CVSS6.9AI score0.00198EPSS
Exploits0References3
OSV
OSV
added 2018/09/18 9:29 p.m.1 views

CVE-2018-6693

An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use TOCTOU race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege...

5.3CVSS5.9AI score0.00182EPSS
Exploits0References1
Rows per page
Query Builder