
23 matches found

ATTACKERKB
added 2026/03/31 9:35 p.m. · 1 view

CVE-2026-34451

Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.81.0, the local filesystem memory tool in the Anthropic TypeScript SDK validated model-supplied paths using a string prefix check that did no...

CVSS 6.3 · AI score 5.8 · EPSS 0.00292
Exploits: 0 · References: 4 · Affected Software: 1

OpenVAS
added 2026/01/06 12:0 a.m. · 3 views

Fedora: Security Advisory (FEDORA-2025-58fe871812)

The remote host is missing an update for the...

CVSS 7.8 · AI score 6.5 · EPSS 0.00218
Exploits: 1 · References: 7

OpenVAS
added 2026/01/06 12:0 a.m. · 3 views

Fedora: Security Advisory (FEDORA-2025-ec760de8e2)

The remote host is missing an update for the...

CVSS 7.8 · AI score 6.5 · EPSS 0.00218
Exploits: 1 · References: 7

Tenable Nessus
added 2026/01/06 12:0 a.m. · 6 views

Fedora 42 : proxychains-ng (2025-ec760de8e2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ec760de8e2 advisory. Update to master to fix CVE-2025-34451. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

CVSS 7.8 · AI score 5.6 · EPSS 0.00218
Exploits: 1 · References: 2

UbuntuCve
added 2025/12/18 10:15 p.m. · 3 views

CVE-2025-34451

rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxyfromstring located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password...

CVSS 7.8 · AI score 6.4 · EPSS 0.00218
Exploits: 1 · References: 5

Positive Technologies
added 2025/08/22 12:0 a.m. · 6 views

PT-2025-34451 · Reolink · Reolink

Name of the Vulnerable Software and Affected Versions: Reolink version 4.54.0.4.20250526
Description: A cross-site scripting (XSS) issue exists in the valuateJavascript function, potentially allowing attackers to execute arbitrary web scripts or HTML via a crafted payload.
Recommendations: Update t...

CVSS 6.1 · AI score 6.3 · EPSS 0.00213
Exploits: 1 · References: 4

Circl
added 2025/03/24 6:22 p.m. · 6 views

CVE-2022-34451

creationtimestamp | type | source
---|---|---
2025-03-24 18:22:49+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8486...

CVSS 4.8 · AI score 4.9 · EPSS 0.00341
Exploits: 0 · References: 1

OSV
added 2024/06/16 10:15 p.m. · 7 views

CVE-2024-34451

Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For headers...

CVSS 9.1 · AI score 7.2
Exploits: 0 · References: 3

Cvelist
added 2024/06/16 12:0 a.m. · 29 views

CVE-2024-34451

Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For headers...

EPSS 0.00766
Exploits: 1 · References: 3

CVE
added 2024/06/16 12:0 a.m. · 58 views

CVE-2024-34451

Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limiting protection mechanism by using multiple X-Forwarded-For headers with different values. Affected software: Ghost, version 5.85.1 and earlier. Root cause: abuse of X-Forwarded-For headers to defeat rate-limiting. ...

CVSS 9.1 · AI score 7.5 · EPSS 0.00766
Exploits: 1 · References: 3 · Affected Software: 1

Circl
added 2023/07/03 8:22 p.m. · 5 views

CVE-2023-34451

creationtimestamp | type | source
---|---|---
2023-07-03 20:22:39+00:00 | seen | https://t.me/cibsecurity/65870...

CVSS 8.2 · AI score 7.9 · EPSS 0.00742
Exploits: 1 · References: 1

NVD
added 2023/07/03 5:15 p.m. · 26 views

CVE-2023-34451

CometBFT is a Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine and replicates it on many machines. The mempool maintains two data structures to keep track of outstanding transactions: a list and a map. These two data structures are supposed to be in sync all the time ...

CVSS 8.2 · AI score 7.9 · EPSS 0.00742
Exploits: 1 · References: 3

Cvelist
added 2023/07/03 4:35 p.m. · 31 views

CVE-2023-34451 CometBFT may duplicate transactions in the mempool's data structures

CometBFT is a Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine and replicates it on many machines. The mempool maintains two data structures to keep track of outstanding transactions: a list and a map. These two data structures are supposed to be in sync all the time ...

CVSS 8.2 · AI score 8.1 · EPSS 0.00742
Exploits: 1 · References: 3

CVE
added 2023/07/03 4:35 p.m. · 60 views

CVE-2023-34451

Summary: CVE-2023-34451 affects CometBFT. The mempool’s two data structures (list and map) can fall out of sync, causing duplicate transactions that cannot be fully removed until a restart. This issue is described across multiple sources (NVD, GHSA, OSV) with concrete steps and impact details. Af...

CVSS 8.2 · AI score 7.8 · EPSS 0.00742
Exploits: 1 · References: 3 · Affected Software: 1

Vulnrichment
added 2023/02/10 8:59 p.m. · 4 views

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...

CVSS 4.8 · AI score 6.5 · EPSS 0.00341
Exploits: 0 · References: 1

CVE
added 2023/02/10 8:59 p.m. · 41 views

CVE-2022-34451

PowerPath Management Appliance (Dell) is affected by a Stored Cross‑site Scripting vulnerability. Affects versions 3.3, 3.2*, 3.1, and 3.0*; the issue is exploitable by an authenticated admin user who could hijack user sessions or induce a victim application user to issue arbitrary requests to th...

CVSS 4.8 · AI score 4.9 · EPSS 0.00341
Exploits: 0 · References: 1 · Affected Software: 1

NVD
added 2021/07/16 9:15 p.m. · 32 views

CVE-2021-34451

Microsoft Office Online Server Spoofing Vulnerability...

CVSS 5.3 · EPSS 0.01664
Exploits: 0 · References: 1

CVE
added 2021/07/16 8:19 p.m. · 150 views

CVE-2021-34451

CVE-2021-34451 is a spoofing vulnerability affecting Microsoft Office Online Server. Affected product set includes Office Online Server and related Office components; exploitability is network-based with low complexity and no user interaction required per CVSS metrics (CVSS v3.1: 5.3). Microsoft ...

CVSS 5.3 · AI score 5.5 · EPSS 0.01664
Exploits: 0 · References: 1 · Affected Software: 1

Tenable Nessus
added 2021/07/13 12:0 a.m. · 56 views

Security Updates for Microsoft Office Web Apps (July 2021)

The Microsoft Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities:
- Multiple remote code execution vulnerabilities in Microsoft Excel. CVE-2021-34501, CVE-2021-34518
- A spoofing vulnerability in Microsoft Offic...

CVSS 8.8 · AI score 7.4 · EPSS 0.53178
Exploits: 0 · References: 5

Kaspersky
added 2021/07/13 12:0 a.m. · 54 views

KLA12220 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities:
1. A remote code execution...

CVSS 8.8 · AI score 8.4 · EPSS 0.53178
Exploits: 0 · References: 28