Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/20 2:23 a.m.3 views

CVE-2026-32889

tinytag is a Python library for reading audio file metadata. Version 2.2.0 allows an attacker who can supply MP3 files for parsing to trigger a non-terminating loop while the library parses an ID3v2 SYLT synchronized lyrics frame. In server-side deployments that automatically parse...

6.5CVSS5.7AI score0.0041EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/24 7:29 a.m.7 views

CVE-2026-2976

A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function downloadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Download Endpoint. This manipulation of the argument filepath causes information disclosure. It is...

6.5CVSS4.8AI score0.0031EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.12 views

WordPress SimpleForm Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software SimpleForm Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10883 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9428f96f6e1 Credits Peter Thaleikis Required...

6.1CVSS5.9AI score0.00363EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/30 12:0 a.m.5 views

PT-2024-39629 · WordPress · Wpglobus Translate Options

Name of the Vulnerable Software and Affected Versions: WPGlobus Translate Options plugin for WordPress versions up to, and including, 2.2.0 Description: The issue is due to missing or incorrect nonce validation on the on translate options page function, making it possible for unauthenticated...

6.1CVSS7.1AI score0.00158EPSS
Exploits0References6
Rows per page
Query Builder