11 matches found
CVE-2026-39641
Cross-Site Request Forgery CSRF vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issue affects Blackfyre: from n/a through = 2.5.4...
EUVD-2025-35555
Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects DELUCKS SEO: from n/a through = 2.5.9...
WordPress Maspik plugin <= 2.5.6 - Authenticated (Subscriber+) Missing Authorization to Spam Log Export vulnerability
Authenticated Subscriber+ Missing Authorization to Spam Log Export vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Maspik – Spam blacklist versions = 2.5.6...
Nextcloud Security Breach
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from improper handling of request URLs, which allows users to load unallowed application pages...
UBUNTU-CVE-2020-35357
A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a maliciously crafted input data for gslstatsquantilefromsorteddata of the library may lead to unexpected application termination or arbitra...
SUSE CVE-2004-0796
SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages...
SUSE CVE-2005-0173
squidldapauth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists ACLs via a username with a space at the beginning or end, which is ignored by the LDAP server...
PT-2021-23187 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.0 through 2.6.0 will be fixed in 2.6.1 TensorFlow versions 2.5.0 through 2.5.1 will be fixed in 2.5.2 TensorFlow versions 2.4.0 through 2.4.3 will be fixed in 2.4.4 Description: The...
CVE-2017-1727
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive information in error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 134869...
Apache Struts Denial of Service Vulnerability (CNVD-2017-23348)
Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications , mainly provides two versions of the framework products , Struts 1 and Struts 2...
UBUNTU-CVE-2012-5882
Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208...