118 matches found

Vulnrichment
added 2026/05/14 10:29 a.m. · 10 views

CVE-2026-8468 Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':read_part_headers/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...

CVSS 8.2 · AI score 6 · EPSS 0.0062
Exploits 0 · References 9

RedHat Linux
added 2026/03/04 7:52 a.m. · 6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.4

The 1.15.4 GA release of Red Hat OpenShift Pipelines Operator. For more details see product documentation. The 1.15.4 release of Red Hat OpenShift Pipelines Operator...

CVSS 9.8 · AI score 6.8 · EPSS 0.01952
Exploits 0 · References 7

RedHat Linux
added 2026/03/04 7:12 a.m. · 6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.4

The 1.15.4 GA release of Red Hat OpenShift Pipelines Operator. For more details see product documentation. The 1.15.4 release of Red Hat OpenShift Pipelines Operator...

CVSS 9.1 · AI score 6.9 · EPSS 0.01535
Exploits 4 · References 13

RedhatCVE
added 2026/02/27 4:13 a.m. · 4 views

CVE-2026-3209

A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVSS 6.5 · AI score 5.7 · EPSS 0.00306
Exploits 0 · References 1

EUVD
added 2026/02/26 12:31 a.m. · 7 views

EUVD-2026-8779

A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVSS 6.5 · AI score 5.8 · EPSS 0.00306
Exploits 0 · References 9

ATTACKERKB
added 2026/02/25 11:02 p.m. · 4 views

CVE-2026-3209

A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...

CVSS 6.5 · AI score 4.7 · EPSS 0.00306
Exploits 0 · References 9

Positive Technologies
added 2026/02/25 12:00 a.m. · 8 views

PT-2026-22042

Name of the Vulnerable Software and Affected Versions: fosrl Pangolin versions up to 1.15.4-s.3 Description: A flaw exists in the Role Handler component of fosrl Pangolin. Specifically, the verifyRoleAccess/verifyApiKeyRoleAccess function is susceptible to manipulation, resulting in improper access...

CVSS 6.5 · AI score 6.2 · EPSS 0.00306
Exploits 0 · References 11

CNNVD
added 2026/02/25 12:00 a.m. · 9 views

pangolin access control error vulnerability

Pangolin is an open-source proxy software developed by Pangolin. Versions of Pangolin 1.15.4-s.3 and earlier contained a vulnerability related to access control. This vulnerability stemmed from improper access control in the function verifyRoleAccess/verifyApiKeyRoleAccess of the Role Handler...

CVSS 6.5 · AI score 6.6 · EPSS 0.00306
Exploits 0 · References 9

vulnersOsv
added 2026/01/15 7:24 p.m. · 8 views

0xkit (=0.0.1), 0xpass (>=0.0.11 <=0.1.26) +7842 more potentially affected by CVE-2026-23527 via h3 (>=1.0.1 <=1.15.4)

h3 NPM version =1.0.1, =0.0.11, =0.0.0-canary-3a59770274bcb6f3bebd5d1b93a2c92d1fc4edbd, =0.0.2, =0.1.0, =1.1.0, =0.1.0, =0.1.0, =1.0.21, =2.0.0, =0.1.4, =0.1.0, =1.0.10, =1.0.11 and more Source cves: CVE-2026-23527 Source advisory: SNYK:JS-H3-15010914...

CVSS 9.8 · AI score 5.7 · EPSS 0.00576
Exploits 1

EUVD
added 2025/10/07 12:30 a.m. · 8 views

EUVD-2020-0201

Malware in sbrugna...

CVSS 9.8 · AI score 9.1 · EPSS 0.01015
Exploits 1 · References 10

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2020-21243

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.02297
Exploits 1 · References 12

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2008-4638

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.01096
Exploits 0 · References 6

EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2021-32507

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00891
Exploits 1 · References 1

EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2022-0131

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.4 · EPSS 0.01207
Exploits 0 · References 4

RedHat Linux
added 2025/09/04 7:38 p.m. · 6 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

Red Hat OpenShift GitOps v1.15.4 release An update is now available for Red Hat OpenShift GitOps. Security Fixes: openshift-gitops-1/argocd-rhel8: Project API Token Exposes Repository Credentials gitops-1.15 openshift-gitops-1/argocd-rhel9: Project API Token Exposes Repository Credentials...

CVSS 9.9 · AI score 6.1 · EPSS 0.04518
Exploits 1 · References 3

Vulnrichment
added 2025/08/15 7:32 a.m. · 5 views

CVE-2025-9020 PX4 PX4-Autopilot Mavlink Shell Closing mavlink_receiver.cpp handle_message_serial_control use after free

A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handle_message_serial_control of the file src/modules/mavlink/mavlink_receiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...

CVSS 4.5 · AI score 4.8 · EPSS 0.00139
Exploits 0 · References 6

Positive Technologies
added 2025/08/15 12:00 a.m. · 7 views

PT-2025-33453 · Px4 · Px4-Autopilot

Name of the Vulnerable Software and Affected Versions: PX4 PX4-Autopilot versions through 1.15.4 Description: A use-after-free issue exists in the MavlinkReceiver::handle_message_serial_control function within the src/modules/mavlink/mavlink_receiver.cpp file of the Mavlink Shell Closing Handler...

CVSS 4.5 · AI score 4.7 · EPSS 0.00139
Exploits 0 · References 11

SUSE CVE
added 2025/02/14 4:50 a.m. · 3 views

SUSE CVE-2024-39286

Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access...

CVSS 3.3 · AI score 5.7 · EPSS 0.00226
Exploits 0 · References 3

OSV
added 2025/02/12 10:15 p.m. · 3 views

UBUNTU-CVE-2024-39286

Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access...

CVSS 3.3 · AI score 5.8 · EPSS 0.00226
Exploits 0 · References 3

Positive Technologies
added 2025/02/11 12:00 a.m. · 5 views

PT-2025-6661 · Intel · Intel 800 Series Ethernet Driver

Name of the Vulnerable Software and Affected Versions: Intel(R) 800 Series Ethernet Driver versions prior to 1.15.4 Description: The issue is related to incorrect execution-assigned permissions in the Linux kernel mode driver. This may allow an authenticated user to potentially enable information...

CVSS 3.3 · AI score 6.5 · EPSS 0.00226
Exploits 0 · References 7