Lucene search
K

13 matches found

CVE
CVE
added 2026/06/16 10:29 p.m.18 views

CVE-2026-48788

CVE-2026-48788 affects Remark42 (versions 1.6.0–1.15.0). The known issue is a content-type spoofing-based XSS in the image proxy: during download the proxy checks Content-Type headers to decide if a resource is an image, but the serving phase sniffing can differ, leading to a mismatch that lets H...

8.2CVSS7.8AI score0.00251EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.13 views

PT-2026-37184

Name of the Vulnerable Software and Affected Versions Saltcorn versions prior to 1.4.6 Saltcorn versions prior to 1.5.6 Saltcorn versions prior to 1.6.0-beta.5 Description Saltcorn fails to properly validate the dest parameter during the post-login process. The is relative url function only block...

5.1CVSS5.8AI score0.00339EPSS
Exploits0References4
OSV
OSV
added 2026/01/05 8:46 a.m.4 views

CVE-2025-66518 Apache Kyuubi: Unauthorized directory access due to missing path normalization

Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config. This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2. Users are recommended to upgrade t...

8.8CVSS7.1AI score0.00892EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

Fortinet FortiPAM 安全漏洞

Fortinet FortiPAM is a platform for privilege access control from Fortinet. A security vulnerability exists in Fortinet FortiPAM that stems from the explicit storage of sensitive information in memory, which could lead to credential disclosure. The following versions are affected: version 1.6.0 a...

4.4CVSS6.4AI score0.00101EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/28 12:0 a.m.5 views

PT-2025-44202

Name of the Vulnerable Software and Affected Versions Sliver versions 1.5.43 and earlier, and version 1.6.0-dev Description Sliver is a command and control framework that utilizes a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the netstack does...

6.3CVSS6.5AI score0.00217EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30749

Malicious code in bioql PyPI...

4.4CVSS6.5AI score0.00257EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.4 views

PT-2024-36162 · Iqonic Design · Wpbookit

Name of the Vulnerable Software and Affected Versions: Iqonic Design WPBookit versions 1.6.0 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially...

9.8CVSS8AI score0.00609EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.4 views

PT-2024-25357 · Unknown · Wpomnia Kb Support

Name of the Vulnerable Software and Affected Versions: WPOmnia KB Support versions 1.6.0 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPOmnia KB Support. Recommendations: For versions 1.6.0 and earlier, update to a version that includes the fix for thi...

6.5CVSS6.5AI score0.00466EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2022/05/13 1:28 a.m.6 views

at.bestsolution:at.bestsolution.maven.publisher (>=1.0.0 <=1.1.1), at.newmedialab.ldpath:ldpath-functions-html (=0.9.13) +2717 more potentially affected by CVE-2015-6748 via org.jsoup:jsoup (>=1.6.0 <=1.8.2)

org.jsoup:jsoup MAVEN version =1.6.0, =1.0.0, =0.3.1, =0.1.0, =1.0, =1.0, =1.16.0, =2.2.0 and more Source cves: CVE-2015-6748 Source advisory: OSV:GHSA-48RH-QGJR-XFJ6...

6.1CVSS6.7AI score0.02207EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.4 views

PT-2019-7879 · Onelogin +2 · Onelogin Ruby-Saml +2

Name of the Vulnerable Software and Affected Versions: OneLogin Ruby-SAML versions 1.6.0 and earlier Description: The issue may allow an attacker to manipulate SAML data without invalidating its cryptographic signature, potentially bypassing authentication to SAML service providers. This is due t...

10CVSS8.2AI score0.10684EPSS
Exploits4References19
CNVD
CNVD
added 2018/09/21 12:0 a.m.7 views

Pivotal Cloud Foundry Elastic Runtime Information Disclosure Vulnerability (CNVD-2018-19741)

Pivotal Cloud Foundry PCF is an open source Platform-as-a-Service PaaS cloud computing platform from Pivotal Software that provides container scheduling, continuous delivery, and automated service deployment.Elastic Runtime is a runtime environment for Pivotal Cloud Foundry. Elastic Runtime is a...

5.9CVSS5.5AI score0.01249EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/30 12:0 a.m.5 views

QEMU Denial of Service Vulnerability (CNVD-2016-01943)

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in QEMU versions 1.6.0 through 2.3.1. When a program maps addresses to MemoryRegionSection using 'addressspacetranslate', an attacker ca...

5.5CVSS7AI score0.00407EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2016/01/08 8:59 p.m.8 views

catsup (>=0.3.8 <=0.3.11), coil (=1.2.1) +9 more potentially affected by CVE-2015-8557 via pygments (>=1.6.0 <=2.0.2)

pygments PYPI version =1.6.0, =0.3.8, =0.0.1, =1.9.5, =3.0.0, =2.3.1, =3.2.0, =1.0.0, =1.0.0, =3.0.1 Source cves: CVE-2015-8557 Source advisory: OSV:PYSEC-2016-32...

9.3CVSS7.2AI score0.06664EPSS
Exploits0
Rows per page
Query Builder