Lucene search
K

10 matches found

Cvelist
Cvelist
added 2026/05/09 3:42 a.m.51 views

CVE-2026-42297 Argo Workflows Is Missing Authorization in Sync ConfigMap Provider

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the Sync Service's ConfigMap-backed provider server/sync/synccm.go performs zero authorization checks on all CRUD operations create, read,...

8.5CVSS0.00515EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2026/03/24 7:12 p.m.7 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-33539 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-33539 Source advisory: OSV:GHSA-P2W6-RMH7-W8Q3...

8.6CVSS5.8AI score0.00452EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.6 views

PT-2025-3165 · Northern.Tech · Mender Client

Name of the Vulnerable Software and Affected Versions: Northern.tech Mender Client versions 4.0.0 through 4.0.4 Description: The issue is related to insecure permissions in the Northern.tech Mender Client. Recommendations: For Northern.tech Mender Client versions 4.0.0 through 4.0.4, update to...

9.1CVSS7.2AI score0.00781EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.7 views

PT-2024-3042 · Fortinet · Fortisandbox

Name of the Vulnerable Software and Affected Versions: Fortinet FortiSandbox versions 4.0.0 through 4.0.4 Fortinet FortiSandbox versions 4.2.0 through 4.2.6 Fortinet FortiSandbox versions 4.4.0 through 4.4.3 Description: The issue exists due to improper neutralization of special elements used in ...

9CVSS8.1AI score0.0248EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.4 views

PT-2024-3041 · Fortinet · Fortisandbox

Name of the Vulnerable Software and Affected Versions: Fortinet FortiSandbox versions 4.0.0 through 4.0.4 Fortinet FortiSandbox versions 4.2.0 through 4.2.6 Fortinet FortiSandbox versions 4.4.0 through 4.4.3 Description: The issue is related to an improper limitation of a pathname to a restricted...

8.5CVSS7.8AI score0.01159EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. Fortinet FortiSandbox has a security vulnerability that stems from the presenc...

8.8CVSS7.9AI score0.0248EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.5 views

PT-2023-7453 · Mastodon · Mastodon

Name of the Vulnerable Software and Affected Versions: Mastodon versions 1.3 through 3.5.8 Mastodon versions 4.0.0 through 4.0.4 Mastodon versions 4.1.0 through 4.1.2 Description: The issue is related to the processing of oEmbed data in Mastodon, which can allow an attacker to bypass HTML...

9.4CVSS6.4AI score0.01093EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.6 views

PT-2023-8743 · Mastodon · Mastodon

Name of the Vulnerable Software and Affected Versions: Mastodon versions 3.5.0 through 3.5.8 Mastodon versions 4.0.0 through 4.0.4 Mastodon versions 4.1.0 through 4.1.2 Description: The issue arises from a flaw in the media processing code, allowing attackers to create arbitrary files at any...

9.9CVSS9.6AI score0.37264EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.6 views

PT-2023-25578 · Mastodon · Mastodon

Name of the Vulnerable Software and Affected Versions: Mastodon versions 2.6.0 through 3.5.8 Mastodon versions 4.0.0 through 4.0.4 Mastodon versions 4.1.0 through 4.1.2 Description: Mastodon is a free, open-source social network server based on ActivityPub. An attacker can craft a verified profil...

5.4CVSS6.4AI score0.00527EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.11 views

PT-2022-26153 · Grails · Grails Spring Security Core Plugin

Name of the Vulnerable Software and Affected Versions: Grails Spring Security Core plugin versions 1.x Grails Spring Security Core plugin versions 2.x Grails Spring Security Core plugin versions 3.0.0 through 3.3.1 Grails Spring Security Core plugin versions 4.0.0 through 4.0.4 Grails Spring...

9.8CVSS9.5AI score0.01693EPSS
Exploits0References9
Rows per page
Query Builder