27 matches found
Sonatype Nexus Repository Manager 3 - Local File Inclusion
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. id: CVE-2024-4956 info: name: Sonatype Nexus Repository Manager 3 - Local File Inclusion author: ritikchaddha severity: high description: | Path Traversal in Sonatype...
BIT-MLFLOW-2026-2611 Improper Origin Validation in mlflow/mlflow
In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...
CVE-2026-45053
CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Arbitrary File Upload vulnerability exists in the REST API File Manager endpoint POST /api/v1/files of CubeCart. The endpoint allows any holder of an API key with files:rw permission to upload PHP source files into the...
CVE-2026-44714
The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...
EUVD-2026-26283
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service device crash by sending a crafted Router Advertisement with a truncated PREFIXINFORMATION option that is smalle...
CVE-2026-33207
DataEase (open-source data visualization/analytics) contains a SQL injection in versions ≤ 2.10.20 at the /datasource/getTableField endpoint. The getTableFiledSql method concatenates the tableName into SQL via String.format without parameterization, and validation in DatasourceServer.py can be by...
PT-2026-31321
Name of the Vulnerable Software and Affected Versions CI4MS versions prior to 0.31.4.0 Description CI4MS, a CodeIgniter 4-based CMS, is susceptible to arbitrary configuration injection via the .env file. The Install::index controller does not validate the host POST parameter before passing it to...
CVE-2026-33750
The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value e.g., 1..2..0 causes the sequence generation loop to run indefinitely, making the process hang for seconds and...
CVE-2025-53598
CVE-2025-53598 describes a NULL pointer dereference affecting Qsync Central. A remote attacker who has a user account can trigger a DoS condition. Affected software: Qsync Central prior to 5.0.0.4. The vendor fixed the vulnerability in Qsync Central 5.0.0.4 and later (released 2026-01-20). The av...
CVE-2025-66310 Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting XSS vulnerability was identified in the /admin/pages/page endpoint of the Grav application. This...
EUVD-2019-1916
Malware in sbrugna...
CVE-2025-54153
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 2025/07/31...
CVE-2025-29901
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...
CVE-2025-53628
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.20.1, cpp-httplib does not have a limit for a unique line, permitting an attacker to explore this to allocate memory arbitrarily. This vulnerability is fixed in 0.20.1. NOTE: This vulnerability is related...
WordPress Gwolle Guestbook plugin <= 4.9.2 - Unauthenticated Stored Cross-Site Scripting via `gwolle_gb_content` Parameter vulnerability
Unauthenticated Stored Cross-Site Scripting via gwollegbcontent Parameter vulnerability discovered by zer0gh0st in WordPress Plugin Gwolle Guestbook versions = 4.9.2...
WordPress ANON::form embedded secure form plugin <= 1.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin ANON::form embedded secure form versions = 1.7...
WordPress POEditor plugin <= 0.9.10 - CSRF to Arbitrary File Deletion vulnerability
CSRF to Arbitrary File Deletion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin POEditor versions = 0.9.10...
WordPress Tournamatch plugin <= 4.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Chuck in WordPress Plugin Tournamatch versions = 4.6.1...
WordPress Verge3D plugin <= 4.9.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Verge3D versions = 4.9.0...
CVE-2025-32383
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...