Lucene search
+L

44 matches found

Snyk
Snyk
added 2026/05/05 7:52 p.m.10 views

Server-side Request Forgery (SSRF)

Overview requests-hardened is an A library that overrides the default behaviors of the requests library, and adds new security features. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URL filtering process. An attacker can access internal services and...

8.3CVSS5.8AI score0.00305EPSS
Exploits0References2
Circl
Circl
added 2026/04/20 7:39 a.m.8 views

CVE-2026-6598

creationtimestamp| type| source ---|---|--- 2026-04-20 07:39:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvxniokvd2q...

5.3CVSS5.7AI score0.00152EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/20 5:12 a.m.1 views

langflow-nightly (=1.8.0.dev24) potentially affected by CVE-2026-6598 via langflow-base (=0.7.2)

langflow-base PYPI version =0.7.2 is affected by a known vulnerability. The following packages have a transitive dependency on langflow-base and may be impacted: - langflow-nightly =1.8.0.dev24 Source cves: CVE-2026-6598 Source advisory: SNYK:PYTHON-LANGFLOWBASE-16110822...

5.3CVSS5.8AI score0.00152EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/20 2:45 a.m.51 views

CVE-2026-6598 langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file

A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function createproject/encryptauthsettings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument authsetting...

5.3CVSS0.00152EPSS
Exploits0References4
Circl
Circl
added 2024/07/09 4:52 p.m.4 views

CVE-2024-6598

creationtimestamp| type| source ---|---|--- 2024-07-09 16:52:08+00:00| seen| https://t.me/cvedetector/350 2026-03-25 03:00:10+00:00| seen| https://www.knime.com/security/advisoriesCVE-2026-4649...

7.1CVSS5AI score0.00544EPSS
Exploits0References2
NVD
NVD
added 2024/07/09 2:15 p.m.18 views

CVE-2024-6598

A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. It allows an authenticated attacker with job execution privileges to execute a job that causes internal messages to pile up until there are no more resources available for processin...

7.1CVSS0.00544EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 1:41 p.m.29 views

CVE-2024-6598 Denial-of-service on KNIME Business Hub when certain jobs are executed

A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. It allows an authenticated attacker with job execution privileges to execute a job that causes internal messages to pile up until there are no more resources available for processin...

7.1CVSS0.00544EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.53 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Paramiko vulnerability (USN-6598-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6598-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacke...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Circl
Circl
added 2024/01/11 10:26 a.m.10 views

CVE-2023-6598

creationtimestamp| type| source ---|---|--- 2024-01-11 10:26:46+00:00| seen| https://t.me/ctinow/166433...

4.3CVSS6.2AI score0.00358EPSS
Exploits0References1
CVE
CVE
added 2024/01/11 8:33 a.m.71 views

CVE-2023-6598

The CVE-2023-6598 entry concerns the SpeedyCache WordPress plugin (versions up to and including 1.1.3) with a missing capability check in functions speedycache_save_varniship, speedycache_img_update_settings, speedycache_preloading_add_settings, and speedycache_preloading_delete_resource. This al...

4.3CVSS4.6AI score0.00358EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/15 12:0 a.m.20 views

WordPress SpeedyCache Plugin <= 1.1.3 is vulnerable to Broken Access Control

Software SpeedyCache Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.1.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6598 Patch priority Low CVSS severity Low 5.4 Developer SpeedyCache PSID 45d8ddb6c2e0 Credits Lucio Sá Required privilege Subscriber...

4.3CVSS6.5AI score0.00358EPSS
Exploits0References4Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.55 views

K44603900: BIG-IP Configuration utility vulnerability CVE-2019-6598

Security Advisory Description Malformed requests to the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI services. This attack requires an authenticated user with any role other than the No Access role. The No Access user...

4.3CVSS4.8AI score0.01031EPSS
Exploits0Affected Software14
CVE
CVE
added 2019/03/13 10:0 p.m.66 views

CVE-2019-6598

The connected advisory details CVE-2019-6598 affecting BIG-IP TMUI/Configuration utility. Vulnerable in BIG-IP 14.0.0 (to 14.0.0.2), 13.x (to 13.1.0.7/13.1.0.8), 12.1.x (to 12.1.3.5/12.1.3.6), 11.x (to 11.6.3.2/11.5.8), and Enterprise Manager 3.1.1. Attack requires an authenticated user with any ...

4.3CVSS4.5AI score0.01031EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/13 10:0 p.m.25 views

CVE-2019-6598

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, malformed requests to the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI services. This attack...

4.5AI score0.01031EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/03/12 12:0 a.m.37 views

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K44603900)

Malformed requests to the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility,may lead to disruption of TMUI services. This attack requires an authenticated user with any role other than the No Access role. The No Access user role cannot login and does not...

4.3CVSS5.1AI score0.01031EPSS
Exploits0References2
CVE
CVE
added 2018/08/29 7:0 p.m.45 views

CVE-2018-6598

The CVE-2018-6598 entry concerns Orbic Wonder devices (Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys). A local-privilege-level issue exists where any app co-located on the device can send an intent to trigger a factory reset through com.android.server.MasterClearReceiver, without use...

7.1CVSS6.6AI score0.00256EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/01/30 8:29 p.m.6 views

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service FileStorageService on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...

9.8CVSS6.2AI score0.1924EPSS
Exploits4References4
CVE
CVE
added 2018/01/30 8:0 p.m.43 views

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 is affected by CVE-2016-6598. An unauthenticated .NET Remoting FileStorageService on port 9010 allows uploading a file to an arbitrary path on the Track-It! server, which can lead to code execution as NETWORK SERVICE or SYSTEM. Root cause: unauthenticated remote...

10CVSS9.8AI score0.1924EPSS
Exploits4References4Affected Software1
CVE
CVE
added 2017/05/11 2:1 p.m.30 views

CVE-2013-6598

CVE-2013-6598 is rejected/not used; this entry does not represent an active vulnerability.

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.10 views

CVE-2013-6598

...

Exploits0
Rows per page
Query Builder