Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-28740

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...

7.1CVSS5.9AI score0.00323EPSS
Exploits0References5
CVE
CVE
added 3 days ago15 views

CVE-2026-28740

CVE-2026-28740 affects Gitea up to version 1.26.2. The issue allows Git LFS object reuse to authorize private source objects for users with repository access but without Code-unit access (root cause: LFS object reuse bypassing Code-unit authorization). Impact is unauthorized access to private sou...

7.1CVSS7.1AI score0.00323EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2026/05/20 12:0 a.m.13 views

gitea -- multiple vulnerabilities

The Gitea team reports: CVE-2026-27783: incorrect read permission check CVE-2026-25714: public-only token filtering bypass CVE-2026-20706: missing token scope checking CVE-2026-27771: unauthenticated access to private container images CVE-2026-28744: git smart HTTP request scope bug CVE-2026-2869...

9.8CVSS6.1AI score0.40738EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-18212

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a...

9.8CVSS8.6AI score0.01879EPSS
Exploits0References2
OSV
OSV
added 2021/06/10 11:15 p.m.23 views

CVE-2020-23321

There is a heap-buffer-overflow at lit-strings.c:431 in litreadcodeunitfromutf8 in JerryScript 2.2.0...

9.8CVSS6.8AI score
Exploits0References1
CVE
CVE
added 2021/06/10 10:14 p.m.79 views

CVE-2020-23321

CVE-2020-23321 is a documented heap-buffer-overflow in JerryScript 2.2.0, triggered by lit_read_code_unit_from_utf8 (lit-strings.c:431). The vulnerability affects JerryScript 2.2.0 and is assigned a high/critical severity in public feeds (NVD CVSSv3.1: 9.8, NETWORK attack, no authentication, impa...

9.8CVSS9.4AI score0.01314EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/06/10 12:0 a.m.6 views

JerryScript 缓冲区错误漏洞

JerryScript is a lightweight JavaScript engine . A heap buffer overflow vulnerability exists in litreadcodeunitfromutf8 in lit-strings.c:431 in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

9.8CVSS5.9AI score0.01314EPSS
Exploits1References1
OSV
OSV
added 2018/05/24 8:29 p.m.2 views

UBUNTU-CVE-2018-11419

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function via a RegExp"\u0" payload, related to reparsecharclass in parser/regexp/re-parser.c...

9.8CVSS7.5AI score0.01583EPSS
Exploits1References4
OSV
OSV
added 2018/03/01 10:29 p.m.2 views

UBUNTU-CVE-2017-18212

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a RegExp"\x0"; payload...

9.8CVSS7.5AI score0.01879EPSS
Exploits0References3
Rows per page
Query Builder