Lucene search
K

44 matches found

OSV
OSV
added 2026/06/16 5:23 p.m.6 views

MINI-93WV-QG5W-6844

Bulletin has no description...

3.7CVSS4.9AI score0.00176EPSS
Exploits0
OSV
OSV
added 2026/06/07 7:24 p.m.12 views

MINI-VVRC-24X5-6844

Bulletin has no description...

9.6CVSS5.2AI score0.00478EPSS
Exploits0
OSV
OSV
added 2026/05/11 11:20 p.m.4 views

MINI-6844-R2PP-94JF

Bulletin has no description...

7.5CVSS5.7AI score0.00784EPSS
Exploits0
Circl
Circl
added 2026/04/22 12:20 p.m.15 views

CVE-2026-6844

creationtimestamp| type| source ---|---|--- 2026-04-22 12:20:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3ibh3h5i2q...

5.5CVSS5.7AI score0.00104EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/22 9:16 a.m.6 views

CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

5.5CVSS5.7AI score0.00104EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/11/14 12:0 a.m.2 views

Mageia: Security Advisory (MGASA-2025-0286)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00677EPSS
Exploits5References4
OSV
OSV
added 2025/08/08 7:51 p.m.7 views

MAL-2025-6844 Malicious code in mapbox-gl-js-toys (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/08 11:16 a.m.4 views

OESA-2025-1981 python-Flask-Cors security update

A Flask extension for handling Cross Origin Resource Sharing CORS, making cross-origin AJAX possible. Security Fixes: corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching...

7.5CVSS6.7AI score0.00652EPSS
Exploits3References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/01 10:29 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to this CVE-2024-6839, CVE-2024-6866 and CVE-2024-6844

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flaskcors-5.0.1-py3-none-any.whl which is vulnerable to this CVE-2024-6839, CVE-2024-6866 and CVE-2024-6844 Vulnerability Details CVEID:CVE-2024-6866 DESCRIPTION: corydolphin/flask-cors version 4.01 contain...

7.5CVSS6.8AI score0.00652EPSS
Exploits3Affected Software1
Circl
Circl
added 2025/05/23 10:39 p.m.25 views

CVE-2024-6844

creationtimestamp| type| source ---|---|--- 2025-05-23 22:39:43+00:00| seen| https://gist.github.com/EbonJaeger/4959b52b5b6898ca4e109d36bb8b6d36...

5.3CVSS5.2AI score0.00281EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.7 views

aact-openhands (>=0.0.4 <=0.0.5), aberoth-ephemeris (>=1.0.0 <=1.0.2) +580 more potentially affected by CVE-2024-6844 via flask-cors (>=1.1.2 <=5.0.1)

flask-cors PYPI version =1.1.2, =0.0.4, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.0.1, =0.0.4, =0.0.13, =0.1.0, =0.1.1, =0.1.0, =1.1.0, =0.0.1, =0.0.18, =1.0.2, =1.3.0 and more Source cves: CVE-2024-6844 Source advisory: OSV:GHSA-8VGW-P6QM-5GR7...

5.3CVSS6.3AI score0.00281EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.5 views

aact-openhands (>=0.0.4 <=0.0.5), aberoth-ephemeris (>=1.0.0 <=1.0.2) +216 more potentially affected by CVE-2024-6844 via flask-cors (>=3.0.9 <=5.0.1)

flask-cors PYPI version =3.0.9, =0.0.4, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.1.0, =0.1.1, =0.1.0, =1.1.0, =0.0.1, =0.0.18, =1.0.4, =1.0.0, =0.1.0, =0.1.2, =0.1.3 and more Source cves: CVE-2024-6844 Source advisory: SNYK:PYTHON-FLASKCORS-9668952...

5.3CVSS6.3AI score0.00281EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/03/20 10:15 a.m.7 views

CVE-2024-6844

A vulnerability in corydolphin/flask-cors version 4.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. The request.path is passed through the unquoteplus function, which converts the '+' character to a space ' '. This behavior leads to incorrect path...

5.3CVSS6.3AI score0.00281EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.7 views

CVE-2024-6844 Inconsistent CORS Matching Due to Handling of '+' in URL Path in corydolphin/flask-cors

A vulnerability in corydolphin/flask-cors version 4.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. The request.path is passed through the unquoteplus function, which converts the '+' character to a space ' '. This behavior leads to incorrect path...

5.3CVSS5.5AI score0.00281EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/03/20 10:10 a.m.6 views

CVE-2024-6844

A vulnerability in corydolphin/flask-cors version 4.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. The request.path is passed through the unquoteplus function, which converts the '+' character to a space ' '. This behavior leads to incorrect path...

5.3CVSS5.9AI score0.00281EPSS
Exploits1
CVE
CVE
added 2025/03/20 10:10 a.m.190 views

CVE-2024-6844

CVE-2024-6844 affects the package corydolphin/flask-cors (reported as 4.0.1). The issue arises from how URL path '+’ characters are handled: request.path is passed through unquote_plus, which converts '+' to a space. This causes incorrect path normalization and mismatches between requested paths ...

5.3CVSS5.5AI score0.00281EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.0 views

PT-2024-6844 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to elevate privileges. This could allow an attacker to affect the system. Recommendations: At the moment, there i...

7.8CVSS7AI score0.00599EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/09/19 12:0 a.m.19 views

RHEL 8 : pcp (RHSA-2024:6844)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6844 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

5.5CVSS6.8AI score0.00288EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2024/06/25 12:0 a.m.16 views

Ubuntu: Security Advisory (USN-6844-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.3AI score0.02421EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/24 12:0 a.m.36 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : CUPS vulnerability (USN-6844-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6844-1 advisory. Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd...

6.7CVSS6AI score0.02421EPSS
Exploits1References2
Rows per page
Query Builder