Lucene search
K

114 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-56329

Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants' dotted app IDs, causing preview...

6.4CVSS0.00237EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-56329

CVE-2026-56329 affects Capgo before 12.128.2. The issue arises from non-bijective decoding of double underscores to dots in preview hostname parsing, causing a cross-tenant preview namespace collision. Attackers can register app IDs with underscores that collide with other tenants’ dotted app IDs...

6.4CVSS6.1AI score0.00237EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.7 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS6.3AI score0.00343EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.18 views

B&R Industrial Automation PPT30 Operating System 安全漏洞

The B&R Industrial Automation PPT30 Operating System is an industrial control terminal operating system developed by B&R Industrial Automation in Austria. Versions of the B&R Industrial Automation PPT30 Operating System prior to 1.8.0 contained security vulnerabilities. These vulnerabilities...

8.7CVSS5.8AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

n8n 安全漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained security vulnerabilities. These vulnerabilities stemmed from the MCP OAuth client registration endpoint accepting unauthenticated requests without proper...

8.7CVSS5.8AI score0.00487EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/17 12:4 p.m.7 views

SUSE CVE-2026-6383

A flaw was found in KubeVirt's Role-Based Access Control RBAC evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized access to subresources,...

5.4CVSS5.7AI score0.0015EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/15 6:22 p.m.3 views

CVE-2026-6383 Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation

A flaw was found in KubeVirt's Role-Based Access Control RBAC evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized access to subresources,...

5.4CVSS5.7AI score0.0015EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 8:25 a.m.10 views

CVE-2026-33070 FileRise has Unauthenticated Share Link Deletion

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to share...

3.7CVSS6AI score0.00371EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/03/05 1:32 p.m.3 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS5.7AI score0.00343EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/03 4:11 a.m.8 views

Security Bulletin: There is a vulnerability in vertx-core-4.1.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-1002)

Summary There is a vulnerability in vertx-core-4.1.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-1002 DESCRIPTION: The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the...

6.9CVSS5.9AI score0.00343EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/02/11 1:15 p.m.3 views

CVE-2025-54161

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS0.00408EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 12:18 p.m.6 views

CVE-2025-54155 File Station 5

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS5.6AI score0.0041EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/11 12:17 p.m.28 views

CVE-2025-57708 Qsync Central

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...

6.3CVSS0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/16 6:16 p.m.13 views

CVE-2026-1002

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response. Mitigation To mitigate this...

6.9CVSS6.6AI score0.00343EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/15 8:50 p.m.5 views

EUVD-2026-2695

The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URI. The issue comes from an improper implementation of the C. rule of section 5.2.4 of RFC3986 and is fixed in Vert.x Core component used b...

6.9CVSS6.2AI score0.00343EPSS
Exploits1References2
Veracode
Veracode
added 2025/11/12 6:24 a.m.8 views

Improper Input Validation

Rancher Manager is vulnerable to improper input validation. The vulnerability is due to missing server-side validation on the .username field, which allows an attacker with update permissions on other user resources to cause denial of access for targeted accounts...

7.6CVSS8.5AI score0.00453EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2025/11/12 12:0 a.m.5 views

QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30286)

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited or Unthrottled Resource Allocation vulnerability, which can be exploited by an attacker to prevent other systems,...

7.1CVSS6.9AI score0.00452EPSS
Exploits0References1
OSV
OSV
added 2025/11/07 4:15 p.m.5 views

CVE-2025-53409

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

6.5CVSS5.8AI score0.00452EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/07 3:13 p.m.3 views

CVE-2025-53411 File Station 5

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

5.1CVSS6.6AI score0.00474EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.8 views

PT-2025-45428

Name of the Vulnerable Software and Affected Versions File Station 5 versions prior to 5.5.6.5018 Description A flaw exists in File Station 5 that involves unrestricted resource allocation. If an attacker obtains administrator privileges, they can exploit this issue to disrupt access to resources...

5.1CVSS6.5AI score0.00474EPSS
Exploits0References3
Rows per page
Query Builder