CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. Under certain conditions, an authenticated user with developer-role permissions could modify hidden merge requests due to incorrect authorization enforcements.
Cerebrate before version 1.37 exposed credential data from self-registration requests. User passwords are stored in message data and can be returned in API responses, creating a risk of disclosure.
A vulnerability in the membraneframework membrane_mp4_plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser does not validate box names, leading to permanent atom allocations.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. Under certain conditions, an authenticated user could have caused denial of service due to uncontrolled resource consumption when processing a specially crafted file upload.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2. This issue could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization.
MetroStore has a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels.
CVE-2023-25969 describes a missing authorization vulnerability in the ThemeHunk Contact Form & Lead Form Elementor Builder, allowing exploitation of incorrectly configured access control security levels.
CSRF vulnerability in weDevs WooCommerce Conversion Tracking allows Cross-Site Request Forgery. This issue affects versions from n/a through 2.0.10.
CVE-2022-45813 is a vulnerability in the BeRocket Advanced AJAX Product Filters plugin that has a missing authorization issue, allowing exploitation of incorrectly configured access control security levels.
Cerebrate before version 1.37 allowed the id primary key field to be supplied through request input during CRUD edit operations and certain custom entity patching flows. This enabled an authenticated attacker to craft edit requests that could modify unrelated records.
An integer underflow vulnerability was found in the berval2tl_data() function in MIT krb5, which can lead to out-of-bounds memory reads. The issue occurs when the buffer length (bv_len) is 0 or 1, causing incorrect calculations and reading up to 65534 bytes from a 0-1 byte buffer.
CVE-2025-7064 affects the ABB Freelance system and allows authentication bypass due to a primary weakness. It impacts Freelance versions from 2013 to 2024.
CSRF vulnerability in YITH WooCommerce Product Slider Carousel allows Cross Site Request Forgery. This affects versions from n/a through 1.16.0.
TemplateHouse Soledad has a missing authorization vulnerability that allows access to functionality not properly constrained by access control lists (ACLs). This issue affects Soledad from n/a through 8.2.5.
CVE-2024-32110 describes a Cross-Site Request Forgery (CSRF) vulnerability in Magepeople inc.'s WpEvently, allowing for CSRF attacks.
CVE-2023-40200 is a vulnerability in the WP Logo Showcase Responsive Slider and Carousel plugin that allows authorization bypass through a user-controlled key. This issue affects versions from n/a to 3.6.
Spring Boot uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker can pre-create this predictable directory or place a symlink before the application starts.
Several Spring WS integration paths with Spring Security could expose detailed account state information, such as locked or disabled user accounts, through exception messages or callback outcomes. This behavior assists remote attackers in distinguishing valid accounts from invalid ones.
Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's safer default for validation RequestData. Inbound WS-Security decryption could therefore accept RSA PKCS#1 v1.5 encrypted key material unless operators explicitly reconfigured the flag.
X509AuthenticationProvider could issue a fully authenticated X509AuthenticationToken for a certificate mapped to UserDetails, without applying Spring Security's standard account lifecycle checks.

