|
3111
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injectio…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4513
|
2026-04-25 01:27 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3112
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Una vulnerabilidad fue detectada en vanna-ai vanna hasta 2.0.2. Afectada por esta vulnerabilidad es la función ask del archivo vanna\legacy\base\base.py. Realizar una manipulación resulta en inyecció…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4513
|
2026-04-25 01:27 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3113
|
7.5 |
HIGH
Network
|
-
|
-
|
The JetFormBuilder plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 3.5.6.2. This is due to the 'Uploaded_File::set_from_array' metho…
|
CWE-36
Absolute Path Traversal
|
CVE-2026-4373
|
2026-04-25 01:27 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3114
|
7.5 |
HIGH
Network
|
-
|
-
|
El plugin JetFormBuilder para WordPress es vulnerable a la lectura arbitraria de archivos a través de salto de ruta en todas las versiones hasta la 3.5.6.2, inclusive. Esto se debe a que el método 'U…
|
CWE-36
Absolute Path Traversal
|
CVE-2026-4373
|
2026-04-25 01:27 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3115
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a …
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-4514
|
2026-04-25 01:27 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3116
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en PbootCMS hasta la versión 3.2.12. Se ve afectada por este problema alguna funcionalidad desconocida del archivo apps/admin/controller/system/UserController.PHP …
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-4514
|
2026-04-25 01:27 |
2026-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3117
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/sched: ets: fix divide by zero in the offload path
Offloading ETS requires computing each class' WRR weight: this is done by
…
|
CWE-369
Divide By Zero
|
CVE-2026-23379
|
2026-04-25 01:24 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3118
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
net/sched: ets: corregir división por cero en la ruta de descarga
La descarga de ETS requiere calcular el peso WRR de cada clase…
|
CWE-369
Divide By Zero
|
CVE-2026-23379
|
2026-04-25 01:24 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3119
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz
The only user of frag_size field in XDP RxQ info is
bpf_xdp_f…
|
NVD-CWE-noinfo
|
CVE-2026-23377
|
2026-04-25 01:23 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3120
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
ice: cambiar frag_size de XDP RxQ de la longitud de escritura DMA a xdp.frame_sz
El único usuario del campo frag_size en la info…
|
NVD-CWE-noinfo
|
CVE-2026-23377
|
2026-04-25 01:23 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
