The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email repla...
The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthent...
An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when ...
An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer wil...
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a cr...
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by...
An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.
An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid outp...
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.
Contributor Sensitive Data Exposure in Elementor Website Builder
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
