Lucene search
K

5 matches found

NVD
NVD
added 2026/06/25 3:16 a.m.10 views

CVE-2026-8662

Path Traversal vulnerability in the createarchive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to write to unintended file paths via crafted filename input. The impact is limited to file corruption as content cannot be controlled by the attacker...

4.3CVSS0.00216EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/19 8:46 p.m.8 views

CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.

Impact A CoreWCF service is running and listening on a Kafka topic receiving a null-value record will stop processing new records from that topic. Preconditions The attacker has produce/write permission on a topic that CoreWCF is consuming from. If the broker permits anonymous publishes, no...

6.5CVSS5.9AI score0.00336EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-51072

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description A CoreWCF service listening on a Kafka topic stops processing new records when the KafkaTransportPump receives a null-value tombstone record. A tombstone record is a...

6.5CVSS6AI score0.00336EPSS
Exploits0References12
OSV
OSV
added 2026/04/29 6:31 p.m.7 views

GHSA-P46P-7PMJ-M34F Cockpit is vulnerable to directory traversal

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

6.5CVSS5.9AI score0.00835EPSS
Exploits0References4
CVE
CVE
added 2026/04/29 12:0 a.m.13 views

CVE-2026-38993

CVE-2026-38993 affects Cockpit up to version 2.13.5. The Buckets component enables directory traversal, allowing an authenticated attacker to write files to arbitrary locations within the uploads directory or replace assets with malicious versions. Public references (Red Hat, GHSA, OSV, Snyk, and...

8.1CVSS5.5AI score0.00835EPSS
Exploits0References5
Rows per page
Query Builder