Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Nextcloud Tables SQL注入漏洞

NextCloud Tables is an open-source table-based application developed by NextCloud. Versions of NextCloud Tables from 0.7.0 to 0.7.7, 0.8.0 to 0.8.10, 0.9.0 to 0.9.8, and 1.0.0 to 1.0.4 have SQL injection vulnerabilities. These vulnerabilities stem from stored injection attacks, allowing...

8.2CVSS6.2AI score0.00318EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.23 views

PT-2026-47556

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...

4.3CVSS5.5AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/12 8:3 p.m.11 views

CVE-2026-34669 CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service...

6.2CVSS5.5AI score0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 8:3 p.m.9 views

CVE-2026-34665 CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application...

7.5CVSS5.5AI score0.00787EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 8:3 p.m.23 views

CVE-2026-34679

Summary: CVE-2026-34679 affects CAI Content Credentials versions 0.78.2, 0.7.0 and earlier. Vulnerability: Improper Input Validation (CWE-20). Impact: Denial of service — an attacker could crash the application, leading to DoS. Exploitation does not require user interaction. Technical details pre...

6.2CVSS5.5AI score0.00193EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40407

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions 0.78.2, 0.7.0 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition. This issue can be exploited without requiring user...

6.2CVSS5.2AI score0.00193EPSS
Exploits0References5
OSV
OSV
added 2026/04/01 9:23 a.m.13 views

CLEANSTART-2026-PV98664 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-m6hq-p25p-ffr2, ghsa-p77j-4mvh-x3m3, ghsa-pwhc-rpq9-4c8w applied in versions: 0.6.4-r5, 0.6.4-r6, 0.7.0-r4

Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS6.8AI score0.01945EPSS
Exploits3References40
RedhatCVE
RedhatCVE
added 2025/10/15 8:41 p.m.11 views

CVE-2025-60540

karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery SSRF...

6.5CVSS7.3AI score0.00335EPSS
Exploits0References1
Rows per page
Query Builder