Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/06/02 7:8 p.m.39 views

CVE-2026-48597 Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint

Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...

8.2CVSS0.00301EPSS
Exploits0References4
OSV
OSV
added 2026/03/12 6:32 p.m.3 views

GHSA-P2M9-WCP5-6QW3 multipart vulnerable to ReDoS in `parse_options_header()`

Summary The parseoptionsheader function in multipart.py uses a regular expression with an ambiguous alternation, which can cause exponential backtracking ReDoS when parsing maliciously crafted HTTP or multipart segment headers. This can be abused for denial of service DoS attacks against web...

7.5CVSS5.8AI score0.00606EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.5 views

PT-2025-5418 · Elementor · Elementinvader Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor versions 1.3.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing DOM-Based XSS. This enables potentia...

6.5CVSS6.9AI score0.0036EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.4 views

PT-2024-33407 · Unknown · Sunburntkamel Disconnected

Name of the Vulnerable Software and Affected Versions: sunburntkamel disconnected versions n/a through 1.3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This is a Reflected XSS vulnerability, which affec...

7.1CVSS5.8AI score0.00264EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.7 views

PT-2024-24438 · WordPress · Ovic Responsive Wpbakery

Name of the Vulnerable Software and Affected Versions: Ovic Responsive WPBakery versions 1.3.0 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects Ovic Responsive WPBakery, allowing potential unauthorized access. Recommendations: For...

5.4CVSS6.4AI score0.00387EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.4 views

PT-2024-22609 · Symfony +1 · Symfony1 +1

Name of the Vulnerable Software and Affected Versions: Symfony1 versions 1.3.0 through 1.5.17 Description: This issue is related to a gadget chain in Symfony1 due to a vulnerable Swift Mailer dependency. The vulnerability allows an attacker to achieve remote code execution if a developer...

5CVSS8AI score0.01485EPSS
Exploits1References12
OSV
OSV
added 2023/10/04 2:15 p.m.4 views

CVE-2023-27433

Cross-Site Request Forgery CSRF vulnerability in YAS Global Team Make Paths Relative allows Cross Site Request Forgery.This issue affects Make Paths Relative: from n/a through 1.3.0...

8.8CVSS7.3AI score0.00208EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.5 views

PT-2023-11810 · Bonitasoft · Bonita-Connector-Webservice

Name of the Vulnerable Software and Affected Versions: bonitasoft bonita-connector-webservice versions up to 1.3.0 Description: A problematic issue was found in the software, affecting the TransformerConfigurationException function of the file...

9.8CVSS5.8AI score0.00764EPSS
Exploits0References9
Rows per page
Query Builder