
CVE Watch
Every published CVE, mapped to engagement reality.
Crawled from cve.org every day. Each entry annotated with the QSearch coverage signal — how many of our agents, skills, and playbooks address the technique. Subscribe via RSS for SIEM pipe, or get the weekly digest by email.
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)
Vendor: mediawiki
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time)
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.
Vendors: fedoraproject, mediawiki | CWE-770
Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations
Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations.
Vendor: deno | CWE-94
HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google ...
HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/* path may be able to issue Google Cloud service account credentials.
Vendor: hashicorp | CWE-269
Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correctio...
Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID.
Vendor: gajim
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
Vendor: vitec | CWE-1188
HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount a...
HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user’s policies by merging their identities. Fixed in Vault and Vault Enterprise 1.7.5 and 1.8.4.
Vendor: hashicorp | CWE-732
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary fil...
TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in.
Vendor: tadtools_project | CWE-285, CWE-306
Tad Book3 editing book page does not perform identity verification
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission.
Vendor: tad_book3_project | CWE-285, CWE-306
webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /i...
webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters. This allows an attacker to access all the data in the database and obtain access to the webTareas application.
Vendor: webtareas_project | CWE-89
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. This is working by adding or replacing a personal profile picture. The affected endpoint is /includes/upload.php on the HTTP POST data. This allows an attacker to exploit the platform by injecting code or malware and, under certain conditions, to execute code on remote user browsers.
Vendor: webtareas_project | CWE-434
A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administr...
A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile, without the victim's knowledge, by enticing an authenticated admin user to visit an attacker's web page.
Vendor: webtareas_project | CWE-352
The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute ...
The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.
Vendor: tadtools_project | CWE-434
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version.
Vendors: debian, fedoraproject, flatpak | CWE-20
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
Vendor: intelliants | CWE-89
Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE
Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.
Vendor: zohocorp | CWE-611
Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar
Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar.
Vendor: netsarang
An issue was discovered in Zammad before 4.1.1
An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration.
Vendor: zammad | CWE-918
An issue was discovered in Zammad before 4.1.1
An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled.
Vendor: zammad | CWE-502
An issue was discovered in Zammad before 4.1.1
An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information.
Vendor: zammad | CWE-200
Weekly digest
Get the curated CVE digest every Monday
One email a week, sent Monday morning CET. The CVEs published or modified in the last seven days, severity-ordered, with the QSearch coverage signal. Unsubscribe with one click — included in every send.
Pipe the CVE feed into your stack.
CVE Watch publishes RSS, Atom, and JSON feeds — wire them into your SIEM, Slack, Discord, or your RSS reader of choice. Or get the curated weekly digest by email.