Lucene search
K

88 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-68429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to...

7.3CVSS6.3AI score0.00235EPSS
Exploits0References2
OSV
OSV
added 2025/12/18 6:49 p.m.5 views

GHSA-8452-54WP-RMV6 Storybook manager bundle may expose environment variables during build

On December 11th, the Storybook team received a responsible disclosure alerting them to a potential vulnerability in certain built and published Storybooks. The vulnerability is a bug in how Storybook handles environment variables defined in a .env file, which could, in specific circumstances, le...

7.3CVSS5.8AI score0.00235EPSS
Exploits0References4
CVE
CVE
added 2025/09/22 7:39 p.m.29 views

CVE-2025-59434

Flowise Cloud prior to August 2025 was vulnerable to a cross-tenant data exposure through the Custom JavaScript Function node, allowing authenticated users on the free tier to access environment variables from other tenants (e.g., OpenAI keys, cloud credentials, and tokens). The issue has been pa...

9.6CVSS6.3AI score0.03146EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/09/15 7:51 p.m.57 views

FlowiseAI Pre-Auth Arbitrary Code Execution

Summary An authenticated admin user of FlowiseAI can exploit the Supabase RPC Filter component to execute arbitrary server-side code without restriction. By injecting a malicious payload into the filter expression field, the attacker can directly trigger JavaScript's execSync to launch reverse...

6.5CVSS8.4AI score0.00594EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/02 2:5 p.m.2 views

CVE-2025-49588 Linkwarden Local File Inclusion Vulnerability

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other...

8.7CVSS6.4AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2025/07/02 2:5 p.m.5 views

CVE-2025-49588 Linkwarden Local File Inclusion Vulnerability

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other...

8.7CVSS6.7AI score0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/05 12:0 a.m.11 views

PT-2023-25716 · Fides · Fides

Name of the Vulnerable Software and Affected Versions: Fides versions prior to 2.15.1 Description: A path traversal vulnerability affects Fides, allowing remote attackers to access arbitrary files on the Fides webserver container's filesystem. If the Fides webserver API is deployed behind a rever...

7.5CVSS7.4AI score0.01491EPSS
Exploits0References10
Veracode
Veracode
added 2021/03/04 4:39 a.m.15 views

Unauthorised Modification

pgpverify-maven-plugin allows unauthorized modification. An attacker is able to push base repository or access secrets by checking out and running build script from a fork the untrusted code is running in an environment...

3AI score
Exploits0
Rows per page
Query Builder