Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Amazon Linux 2023 : rclone (ALAS2023-2026-1907)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1907 advisory. Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD reques...

9.8CVSS5.9AI score0.00701EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Amazon Linux 2 : rclone, --advisory ALAS2-2026-3494 (ALAS-2026-3494)

The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3494 advisory. Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until...

9.8CVSS5.9AI score0.00701EPSS
Exploits0References4
Amazon
Amazon
added 2026/06/29 12:0 a.m.7 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

9.8CVSS5.9AI score0.00701EPSS
Exploits0
NVD
NVD
added 2026/06/26 6:16 p.m.9 views

CVE-2026-47221

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...

7.5CVSS0.00445EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 5:35 p.m.7 views

EUVD-2026-39823

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...

5.9CVSS6AI score0.00445EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/10 12:9 p.m.12 views

netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses 103, followed by a 200 with a GET body, then another 200 for a HEAD request when the client pipelines GET the...

9.1CVSS6.8AI score0.0075EPSS
Exploits1References5
Snyk
Snyk
added 2026/05/20 3:35 p.m.10 views

Incorrect Authorization

Overview symfony/security-http is a provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. Affected versions of this package are vulnerable to...

8.6CVSS5.8AI score0.00052EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 6:10 p.m.49 views

CVE-2026-42584 Netty: HttpClientCodec response desynchronization

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...

7.3CVSS0.0075EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/08/01 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-36675

LyLmespage v1.9.5 is vulnerable to Server-Side Request Forgery SSRF via the gethead function...

9.1CVSS5.8AI score0.01426EPSS
In wildExploits1References2
OSV
OSV
added 2023/11/07 8:15 a.m.4 views

CVE-2023-42537

An improper input validation in getheadcrc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write...

7.8CVSS5.8AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.3 views

SAMSUNG Mobile devices buffer error vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A buffer error vulnerability exists in SAMSUNG Mobile devices prior to SMR Nov-2023 Release 1, which stems from incorrect input validation in the...

8.4CVSS6.7AI score0.00218EPSS
Exploits0References3
Rows per page
Query Builder