Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.4 views

CVE-2026-33057

Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard...

9.8CVSS5.9AI score0.05289EPSS
Exploits0References1
OSV
OSV
added 2024/01/24 6:5 p.m.33 views

CVE-2024-23648 Pimcore Admin Classic Bundle host header injection in the password reset

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The password reset functionality sends to the the user requesting a password change an email containing an URL to reset its password. The URL sent contains a unique token, valid during 24 hours, allowing the user to res...

8.8CVSS8.6AI score0.00827EPSS
Exploits1References4
Prion
Prion
added 2022/09/23 8:15 a.m.19 views

Design/Logic Flaw

netlify-ipx is an on-Demand image optimization for Netlify using ipx. In versions prior to 1.2.3, an attacker can bypass the source image domain allowlist by sending specially crafted headers, causing the handler to load and return arbitrary images. Because the response is cached globally, this...

4.9CVSS5.4AI score0.00358EPSS
Exploits0References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/24 12:0 a.m.39 views

JVN#05329568: Login rebuilder vulnerable to cross-site request forgery

Login rebuilder is a plugin for WordPress. Login rebuilder contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, unintended operations may be conducted. Solution Update the Software Update to the latest version according to the information...

6.8CVSS6.1AI score0.01076EPSS
Exploits0
Rows per page
Query Builder