Skip to main content

CWE-688

Function Call With Incorrect Variable or Reference as Argument

3 CVEs Avg CVSS 5.6 MITRE
0
CRITICAL
0
HIGH
3
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2026-12311 MEDIUM PATCH This Month

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12.

Mozilla Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
4.7
EPSS
0.2%
CVE-2026-33549 MEDIUM PATCH This Month

SPIP versions 4.4.10 through 4.4.12 contain a privilege escalation vulnerability that allows authenticated users with limited permissions to assign administrator privileges to themselves or other accounts through improper handling of the STATUT field during author data structure editing. An attacker with login credentials and user interaction can exploit this to gain full administrative control, leading to complete compromise of the CMS instance. The vulnerability was patched in version 4.4.13.

Information Disclosure Spip
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2021-33713 MEDIUM This Month

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jt Utilities
NVD
CVSS 3.1
5.5
EPSS
0.2%
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12.

Mozilla Information Disclosure Red Hat +1
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

SPIP versions 4.4.10 through 4.4.12 contain a privilege escalation vulnerability that allows authenticated users with limited permissions to assign administrator privileges to themselves or other accounts through improper handling of the STATUT field during author data structure editing. An attacker with login credentials and user interaction can exploit this to gain full administrative control, leading to complete compromise of the CMS instance. The vulnerability was patched in version 4.4.13.

Information Disclosure Spip
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jt Utilities
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy