Lucene search
+L

21 matches found

nuclei
nuclei
added 9 hours ago85 views

Apache Druid - Server-Side Request Forgery

Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid.This issue affects all previous Druid versions.When using the Druid management proxy, a request tha...

5.8CVSS6.9AI score0.01656EPSS
Exploits0References2
susecve
susecve
added 2026/06/04 2:23 a.m.10 views

SUSE CVE-2026-45283

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...

6.3CVSS5.7AI score0.00211EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/01 4:53 p.m.9 views

CVE-2026-45283

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...

6.3CVSS5.7AI score0.00211EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/05/05 12:0 a.m.2 views

CVE-2026-42997

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

7.7CVSS6AI score0.0044EPSS
Exploits0References9
snyk
snyk
added 2026/04/28 6:30 a.m.8 views

Unsafe Dependency Resolution

Overview ironic is an OpenStack Bare Metal Provisioning Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the ipmitool process when a non-default configuration enables a console interface. An attacker can execute unauthorized commands by leveraging access to the...

7.5CVSS5.9AI score0.0057EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-1730

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00248EPSS
Exploits0References9
atlassian
atlassian
added 2024/02/14 8:46 p.m.53 views

com.google.guava:guava Dependency in Confluence Data Center and Server

This High severity com.google.guava:guava Dependency vulnerability was introduced in versions 4.0 of Confluence Data Center and Server. This com.google.guava:guava Dependency vulnerability, with a CVSS Score of 7.1 and a CVSS Vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N allows an...

7.1CVSS7.7AI score0.00248EPSS
Exploits0
amazon
amazon
added 2023/12/14 12:0 a.m.5 views

Medium: guava

Issue Overview: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to...

7.1CVSS8.7AI score0.00248EPSS
Exploits0
amazon
amazon
added 2023/08/25 12:0 a.m.5 views

Low: guava

Issue Overview: No CVE associated with this advisory Affected Packages: guava Issue Correction: Run dnf update guava --releasever 2023.1.20230825 or dnf update --advisory ALAS2023-2023-305 --releasever 2023.1.20230825 to update your system. More information on how to update your system can be fou...

7.1CVSS6.8AI score0.00248EPSS
Exploits0
osv
osv
added 2023/07/08 11:5 a.m.8 views

OESA-2023-1411 guava20 security update

Guava is a set of core libraries that includes new collection types ,immutable collections, a graph library, and utilities for concurrency, I/O, hashing, primitives, strings, and more. Security Fixes: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google...

7.1CVSS8.7AI score0.00248EPSS
Exploits0References2
osv
osv
added 2023/07/08 11:5 a.m.5 views

OESA-2023-1412 guava security update

Guava is a set of core Java libraries from Google that includes new collection types such as multimap and multiset, immutable collections, a graph library, and utilities for concurrency, I/O, hashing, caching, primitives, strings, and more! It is widely used on most Java projects within Google, a...

7.1CVSS8.7AI score0.00248EPSS
Exploits0References2
osv
osv
added 2023/06/14 6:30 p.m.44 views

GHSA-7G45-4RM6-3MM3 Guava vulnerable to insecure use of temporary directory

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

5.5CVSS6AI score0.00248EPSS
Exploits0References9
nvd
nvd
added 2023/06/14 6:15 p.m.57 views

CVE-2023-2976

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

7.1CVSS6.4AI score0.00248EPSS
Exploits0References4
osv
osv
added 2023/06/14 6:15 p.m.1 views

DEBIAN-CVE-2023-2976

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

7.1CVSS6.3AI score0.00248EPSS
Exploits0References1
osv
osv
added 2023/06/14 6:15 p.m.5 views

AZL-27173 CVE-2023-2976 affecting package guava for versions less than 25.0-8

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

7.1CVSS6.6AI score0.00248EPSS
Exploits0References1
prion
prion
added 2023/06/14 6:15 p.m.27 views

Design/Logic Flaw

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

3.2CVSS6.5AI score0.00248EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2023/06/14 5:36 p.m.1 views

CVE-2023-2976 Use of temporary directory for file creation in `FileBackedOutputStream` in Guava

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

5.5CVSS5.5AI score0.00248EPSS
Exploits0References3
debiancve
debiancve
added 2023/06/14 5:36 p.m.38 views

CVE-2023-2976

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

7.1CVSS6.4AI score0.00248EPSS
Exploits0
osv
osv
added 2023/06/14 5:36 p.m.37 views

CVE-2023-2976 Use of temporary directory for file creation in `FileBackedOutputStream` in Guava

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

5.5CVSS6.7AI score0.00248EPSS
Exploits0References6
cvelist
cvelist
added 2023/06/14 5:36 p.m.28 views

CVE-2023-2976 Use of temporary directory for file creation in `FileBackedOutputStream` in Guava

Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...

5.5CVSS7.1AI score0.00248EPSS
Exploits0References3
Rows per page
Query Builder