Lucene search
+L

97 matches found

OSV
OSV
added 2025/12/17 10:50 p.m.4 views

GHSA-J22H-9J4X-23W5 mcp-server-git has missing path validation when using --repository flag

In mcp-server-git versions prior to 2025.12.18, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...

6.4CVSS6.5AI score0.06434EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.7 views

PT-2025-49010

🚨 CVE-2025-55129 HackerOne community member Kassem S.kassem s94 has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks after the fix for CVE-2025-52672, via several alternate techniques. Homoglyphs based impersonation has been independently reported b...

5.4CVSS7AI score0.00223EPSS
Exploits1References2
NVD
NVD
added 2025/11/20 7:16 p.m.10 views

CVE-2025-55126

HackerOne community member Dang Hung Vi vidang04 has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-related pages, with campaign names being the vector for the stored XSS...

6.5CVSS0.00203EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/20 7:7 p.m.8 views

CVE-2025-55126

HackerOne community member Dang Hung Vi vidang04 has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-related pages, with campaign names being the vector for the stored XSS...

6.5CVSS5.8AI score0.00203EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/20 7:6 p.m.4 views

CVE-2025-55128

HackerOne community member Dang Hung Vi vidang04 has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service...

6.5CVSS6.4AI score0.0039EPSS
Exploits1References1
NVD
NVD
added 2025/10/08 6:15 p.m.5 views

CVE-2025-42706

A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility LTV...

6.5CVSS0.00172EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/09/24 6:57 p.m.11 views

Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions

When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and yarnPath could be executed prior to the user accepting the risks of working in an untruste...

9.8CVSS7.3AI score0.00341EPSS
Exploits0References6Affected Software1
RubySec
RubySec
added 2025/08/29 12:0 a.m.11 views

Google Sign-In for Rails allowed redirect to protocol-relative URI

Summary It is possible to redirect a user to another origin if the "proceedto" value in the session store is set to a protocol-relative URL. Details The googlesignin gem persists an optional URL for redirection after authentication. If this URL is set to a protocol-relative URL, it improperly...

4.2CVSS6.6AI score0.00211EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/08/18 6:46 p.m.4 views

GHSA-X5GV-JW7F-J6XJ Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code

Due to an overly broad allowlist of safe commands, it was possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation. Reliably exploiting this requires the ability to add untrusted content into a Claude Code contex...

7.1CVSS7.2AI score0.00462EPSS
Exploits0References3
OSV
OSV
added 2025/08/05 10:36 p.m.9 views

CVE-2025-8573 Concrete CMS 9 through 9.4.2 is vulnerable to Stored XSS from Home Folder on Members Dashboard page

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...

2CVSS5.9AI score0.0044EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.10 views

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

9.8CVSS7.3AI score0.01681EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:45 p.m.11 views

CVE-2020-8143

An Open Redirect vulnerability was discovered in Revive Adserver version 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/www/admin/-modify.php...

6.1CVSS6.8AI score0.70386EPSS
Exploits1References1
OSV
OSV
added 2025/04/18 3:2 p.m.3 views

GHSA-MG2H-6X62-WPWC Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass

Impact In applications that specify different validation strategies for different content types, it's possible to bypass the validation by providing a slightly altered content type such as with different casing or altered whitespacing before ;. Users using the the following pattern are affected: ...

7.5CVSS6.9AI score0.00686EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2024/04/14 11:34 a.m.107 views

Exploit for CVE-2024-27983

This repository builds up a vulnerable HTTP2 Node.js server se...

8.2CVSS7.2AI score0.87211EPSS
Exploits1
Hacker One
Hacker One
added 2024/04/08 8:41 p.m.74 views

Internet Bug Bounty: Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash

The Node.js HTTP/2 server was affected by a vulnerability that caused it to crash instantly after receiving a small number of HTTP/2 frames. The issue was caused by a race condition that occurred when the Http2Session destructor was triggered while header frames were still being processed, leavin...

8.2CVSS6.3AI score0.87211EPSS
Exploits1
Hacker One
Hacker One
added 2024/03/27 11:54 p.m.94 views

Internet Bug Bounty: CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc

A remote code execution vulnerability was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. The vulnerability was caused by the lack of restrictions on the classes that could be restored when parsing .rdocoptions as a YAML file. Additionally, object injection and...

4.5CVSS7.9AI score0.01571EPSS
Exploits0
Hacker One
Hacker One
added 2024/02/23 5:22 a.m.74 views

PortSwigger Web Security: CSP Bypass and escalation of https://hackerone.com/reports/2279346

Vulnerability description not provided...

7.1AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/01/16 3:24 p.m.47 views

Default swagger-ui configuration exposes all files in the module

Impact The default configuration of @fastify/swagger-ui without baseDir set will lead to all files in the module's directory being exposed via http routes served by the module. Patches Update to v2.1.0 Workarounds Use the baseDir option References HackerOne report...

5.3CVSS7AI score0.02001EPSS
Exploits0References5Affected Software1
Brave Browser
Brave Browser
added 2023/12/06 4:24 p.m.16 views

Brave Android 1.61.100 Security Fixes

Fixed crash when incorrectly handling reward navigation redirects as reported on HackerOne by 0xc4gr1. Upgraded Chromium to 120.0.6099.62 — refer to Google Chrome advisories for inherited CVEs...

5.8AI score
Exploits0References2Affected Software1
Brave Browser
Brave Browser
added 2023/05/03 8:16 a.m.13 views

Brave Android 1.51.110 Security Fixes

Prevent blind cross chain signing as reported on HackerOne by julianor. Upgraded Chromium to 113.0.5672.77 — refer to Google Chrome advisories for inherited CVEs...

5.6AI score
Exploits0References2Affected Software1
Rows per page
Query Builder