
EUVD
added 2026/03/10 7:1 p.m. (5 views)

EUVD-2026-10799

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

CVSS 7.5, AI score 5.8, EPSS 0.00293
Exploits: 1, References: 2
Github Security Blog
added 2026/03/10 6:30 p.m. (8 views)

Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation

Summary The Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating each header value individually, Envoy concatenates all values into a single comma-separated...

CVSS 8.2, AI score 5.8, EPSS 0.00293
Exploits: 1, References: 4, Affected Software: 1
EUVD
added 2026/03/10 6:30 p.m. (4 views)

EUVD-2026-10798

Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation...

CVSS 7.5, AI score 5.8, EPSS 0.00293
Exploits: 1, References: 2
EUVD
added 2026/03/10 1:2 a.m. (9 views)

EUVD-2026-10341

Actual Sync Server has an Authenticated Path Traversal...

CVSS 5.3, AI score 5.8, EPSS 0.00377
Exploits: 1, References: 6
Snyk
added 2026/03/10 1:2 a.m. (4 views)

Directory Traversal

Overview @actual-app/sync-server is an actual syncing server. Affected versions of this package are vulnerable to Directory Traversal in the POST /sync/upload-user-file endpoint due to improper validation of the x-actual-file-id header. An attacker can write files outside the intended directory by...

CVSS 5.3, AI score 6.3, EPSS 0.00377
Exploits: 1, References: 2
CNNVD
added 2026/03/10 12:0 a.m. (6 views)

IBM Aspera Orchestrator security vulnerability

IBM Aspera Orchestrator is a web-based application developed by IBM. It provides efficient file processing pipelines for data-driven businesses. Versions 3.0.0 to 4.1.2 of IBM Aspera Orchestrator have security vulnerabilities. These vulnerabilities stem from improper input validation of the HOST...

CVSS 5.4, AI score 5.7, EPSS 0.00165
Exploits: 0, References: 1
Positive Technologies
added 2026/03/10 12:0 a.m. (5 views)

PT-2026-24377

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.37.1, 1.36.5, 1.35.8 and 1.34.13. Description: Envoy is a high-performance edge/middle/service proxy. The Envoy RBAC Role-Based Access Control filter has...

CVSS 8.2, AI score 5.8, EPSS 0.00293
Exploits: 1, References: 11
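The Envoy entries above (EUVD-2026-10799, the GitHub advisory, EUVD-2026-10798 and PT-2026-24377) all describe the same logic flaw: repeated header values were joined into one comma-separated string and matched once, instead of each value being matched on its own. The following Python is an added example, not Envoy's code; it models a small RBAC-style header matcher whose rule kinds, policy and requests are assumptions, and shows how the joined form lets a deny rule be skipped while per-value matching catches it.

```python
"""Multi-value header matching: concatenated vs. per-value evaluation.

Added example, not Envoy's code. The matcher kinds, the policy and the
sample requests are assumptions made for illustration.
"""
from dataclasses import dataclass
from typing import Callable, List, Tuple

# Requests keep headers as (name, value) pairs so repeated names survive,
# which is how a proxy sees them on the wire.
Headers = List[Tuple[str, str]]


@dataclass(frozen=True)
class HeaderRule:
    name: str
    match: str    # assumed matcher kinds: "exact", "prefix", "contains"
    value: str
    action: str   # "deny" or "allow"


def _matches(rule: HeaderRule, candidate: str) -> bool:
    if rule.match == "exact":
        return candidate == rule.value
    if rule.match == "prefix":
        return candidate.startswith(rule.value)
    if rule.match == "contains":
        return rule.value in candidate
    raise ValueError(f"unknown matcher {rule.match!r}")


def values_for(headers: Headers, name: str) -> List[str]:
    """All values sent for a header name, case-insensitive, in wire order."""
    return [v for n, v in headers if n.lower() == name.lower()]


def concatenated_match(rule: HeaderRule, headers: Headers) -> bool:
    """Vulnerable shape: join every value with "," and match the result once."""
    vals = values_for(headers, rule.name)
    return bool(vals) and _matches(rule, ",".join(vals))


def per_value_match(rule: HeaderRule, headers: Headers) -> bool:
    """Hardened shape: match each value on its own; any hit counts."""
    return any(_matches(rule, v) for v in values_for(headers, rule.name))


Matcher = Callable[[HeaderRule, Headers], bool]


def authorize(rules: List[HeaderRule], headers: Headers, matcher: Matcher) -> str:
    """Deny rules are evaluated first, then allow rules; the default is DENY."""
    for rule in rules:
        if rule.action == "deny" and matcher(rule, headers):
            return "DENY"
    for rule in rules:
        if rule.action == "allow" and matcher(rule, headers):
            return "ALLOW"
    return "DENY"


# Constructed policy: tenant "acme" may pass, but never with x-debug: true.
POLICY = [
    HeaderRule("x-debug", "exact", "true", "deny"),
    HeaderRule("x-tenant", "exact", "acme", "allow"),
]

# Constructed requests. The third repeats x-debug, so the joined string
# becomes "true,0", which no longer equals "true" and the deny rule is skipped.
HONEST_REQUEST: Headers = [("x-tenant", "acme")]
DEBUG_REQUEST: Headers = [("x-tenant", "acme"), ("x-debug", "true")]
SPLIT_REQUEST: Headers = [("x-tenant", "acme"), ("x-debug", "true"), ("x-debug", "0")]


def demo() -> dict:
    """Decision per request as (concatenated, per-value), keyed by request name."""
    out = {}
    for name, req in [("honest", HONEST_REQUEST), ("debug", DEBUG_REQUEST), ("split", SPLIT_REQUEST)]:
        out[name] = (authorize(POLICY, req, concatenated_match),
                     authorize(POLICY, req, per_value_match))
    return out


if __name__ == "__main__":
    for name, (joined, each) in demo().items():
        print(f"{name:7s} concatenated={joined:5s} per-value={each}")
```

The choice of "any value matches" is the safe one for deny rules; for allow rules a policy author may instead want every value to match, so the semantics should be chosen explicitly per rule rather than inherited from how the header happened to be folded.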
NVD
added 2026/03/09 2:16 p.m. (7 views)

CVE-2026-3089

Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments ../ can escape the intended directory and write files outside...

CVSS 6.5, EPSS 0.00377
Exploits: 1, References: 3
Cvelist
added 2026/03/09 2:8 p.m. (27 views)

CVE-2026-3089 Actual Sync Server 26.2.1 - Authenticated Path Traversal

Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments ../ can escape the intended directory and write files outside...

CVSS 5.3, EPSS 0.00377
Exploits: 1, References: 3
CVE
added 2026/03/09 2:8 p.m. (14 views)

CVE-2026-3089

CVE-2026-3089: The Actual Sync Server is vulnerable to a path-traversal via the authenticated file-upload path POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header allows traversal segments (../) to escape the intended direc...

CVSS 6.5, AI score 5.8, EPSS 0.00377
Exploits: 1, References: 3, Affected Software: 1
ATTACKERKB
added 2026/03/09 2:8 p.m. (4 views)

CVE-2026-3089

Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments ../ can escape the intended directory and write files outside...

CVSS 5.3, AI score 5.8, EPSS 0.00377
Exploits: 1, References: 4, Affected Software: 1
Vulnrichment
added 2026/03/09 2:8 p.m. (2 views)

CVE-2026-3089 Actual Sync Server 26.2.1 - Authenticated Path Traversal

Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments ../ can escape the intended directory and write files outside...

CVSS 5.3, AI score 5.8, EPSS 0.00377
Exploits: 1, References: 3
CNNVD
added 2026/03/09 12:0 a.m. (6 views)

actual security vulnerability

actual is a personal finance tool developed by Actual. Versions prior to 26.3.0 of actual contained security vulnerabilities. These vulnerabilities stemmed from improper validation of the x-actual-file-id header, which was controlled by users. This could lead to directory traversal and arbitrary...

CVSS 6.5, AI score 5.9, EPSS 0.00377
Exploits: 1, References: 4
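The CVE-2026-3089 entries above (EUVD-2026-10341, Snyk, NVD, Cvelist, CVE, ATTACKERKB, Vulnrichment and CNNVD) describe one bug: a file name taken from the x-actual-file-id header was joined onto the upload directory without rejecting ../ segments. The following Python is an added example, not the Actual sync-server code; the handler shape, base directory and id format are assumptions. It pairs the unsafe join with a hardened version that allowlists the id and then proves the resulting path is still inside the directory, using posixpath so the result is the same on any platform.

```python
"""Header-controlled file id to filesystem path: unsafe join vs. contained path.

Added example, not the Actual sync-server code. The handler shape, the
base directory and the id format are assumptions; the header name
x-actual-file-id and the ../ traversal come from the advisory text.
"""
import posixpath
import re
from typing import Dict, Tuple

# Assumed id format: a single path segment, no separators, no leading dot.
FILE_ID_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


def unsafe_target(base_dir: str, file_id: str) -> str:
    """Vulnerable shape: trust the id and join it onto the upload directory.

    posixpath.join discards base_dir entirely when file_id is absolute, and
    normpath resolves "../" segments right out of the directory.
    """
    return posixpath.normpath(posixpath.join(base_dir, file_id))


def safe_target(base_dir: str, file_id: str) -> str:
    """Hardened shape: allowlist the id, then prove the result stays inside.

    Both checks matter: the allowlist rejects separators and "..", and the
    containment check is the backstop if the allowlist is ever loosened.
    """
    if not FILE_ID_RE.fullmatch(file_id):
        raise ValueError(f"rejected file id {file_id!r}")
    base = posixpath.normpath(base_dir)
    target = posixpath.normpath(posixpath.join(base, file_id))
    if posixpath.dirname(target) != base:
        raise ValueError(f"file id {file_id!r} escapes {base}")
    return target


def rejected(base_dir: str, file_id: str) -> bool:
    """True when the hardened check refuses the id."""
    try:
        safe_target(base_dir, file_id)
        return False
    except ValueError:
        return True


def handle_upload(headers: Dict[str, str], body: bytes, base_dir: str,
                  store: Dict[str, bytes]) -> Tuple[int, str]:
    """Simulated POST /sync/upload-user-file. `store` is a dict standing in
    for the filesystem; returns (status, path or error message)."""
    file_id = headers.get("x-actual-file-id", "")
    try:
        path = safe_target(base_dir, file_id)
    except ValueError as exc:
        return 400, str(exc)
    store[path] = body
    return 200, path


# Constructed base directory and sample ids: one honest, three hostile.
BASE = "/srv/actual/user-files"
SAMPLE_IDS = [
    "budget-2026.sqlite",
    "../../../etc/cron.d/backdoor",   # classic traversal
    "/etc/passwd",                    # absolute path makes join drop the base
    "nested/dir/file",                # separator inside the id
]


def demo() -> Dict[str, Tuple[str, str]]:
    """Per id: (path the unsafe join would write, hardened outcome)."""
    return {
        fid: (unsafe_target(BASE, fid),
              "rejected" if rejected(BASE, fid) else safe_target(BASE, fid))
        for fid in SAMPLE_IDS
    }


if __name__ == "__main__":
    for fid, (unsafe, safe) in demo().items():
        print(f"{fid!r:35s} unsafe -> {unsafe:30s} hardened -> {safe}")
```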
Positive Technologies
added 2026/03/09 12:0 a.m. (6 views)

PT-2026-27245

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.7. Description: OpenClaw’s fetchWithSsrFGuard... function improperly validates headers during cross-origin redirects, allowing custom authorization headers like X-Api-Key and Private-Token to be forwarded to a...

CVSS 9.3, AI score 5.9, EPSS 0.00316
Exploits: 0, References: 14
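The PT-2026-27245 entry above describes credential headers surviving a cross-origin redirect. The following Python is an added example, not OpenClaw's fetch wrapper; the header allowlist, the origin comparison, the literal-IP re-check and the simulated redirect chain are assumptions. It shows a redirect follower that keeps every header on a same-origin hop but forwards only a small allowlist when the origin changes, and why an allowlist rather than a denylist is the right shape when custom names such as X-Api-Key and Private-Token carry secrets.

```python
"""Which request headers may follow a redirect? Same-origin vs. cross-origin.

Added example, not OpenClaw's code. The allowlist, origin rule, fake
servers and request headers below are constructed for illustration.
"""
import ipaddress
from typing import Dict, List, Tuple
from urllib.parse import urljoin, urlsplit

# Headers that carry no credentials and may go to any origin (assumed list).
SAFE_TO_FORWARD = {"accept", "accept-language", "accept-encoding", "user-agent"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url: str) -> Tuple[str, str, int]:
    """(scheme, host, port) with default ports filled in, for origin comparison."""
    u = urlsplit(url)
    port = u.port or DEFAULT_PORTS.get(u.scheme.lower(), 0)
    return (u.scheme.lower(), (u.hostname or "").lower(), port)


def headers_for_hop(previous_url: str, next_url: str, headers: Dict[str, str]) -> Dict[str, str]:
    """Keep everything on a same-origin hop; otherwise keep only the allowlist.

    A denylist (Authorization, Cookie, ...) would not have covered X-Api-Key
    or Private-Token, which is why the allowlist shape is used here.
    """
    if origin(previous_url) == origin(next_url):
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() in SAFE_TO_FORWARD}


def is_blocked_destination(url: str) -> bool:
    """Per-hop SSRF re-check for literal IPs (DNS resolution is out of scope here)."""
    host = urlsplit(url).hostname or ""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return ip.is_private or ip.is_loopback or ip.is_link_local


# Constructed server behaviour: url -> (status, Location header or None).
# The second hop bounces the client to an unrelated origin.
FAKE_SERVERS = {
    "https://api.example.com/v1/export": (302, "/v1/export/ready"),
    "https://api.example.com/v1/export/ready": (302, "https://files.attacker.example/collect"),
    "https://files.attacker.example/collect": (200, None),
}
START = "https://api.example.com/v1/export"
REQUEST_HEADERS = {
    "Accept": "application/json",
    "X-Api-Key": "sk-constructed-secret",
    "Private-Token": "glpat-constructed-secret",
}


def follow(url: str, headers: Dict[str, str], max_hops: int = 5,
           strip_on_cross_origin: bool = True) -> List[Tuple[str, Dict[str, str]]]:
    """Walk the redirect chain; return (url, headers actually sent) per hop.

    strip_on_cross_origin=False reproduces the vulnerable behaviour of
    re-sending the original headers to every hop.
    """
    sent = []
    for _ in range(max_hops + 1):
        if is_blocked_destination(url):
            raise RuntimeError(f"blocked destination {url}")
        sent.append((url, dict(headers)))
        status, location = FAKE_SERVERS[url]
        if status not in (301, 302, 303, 307, 308) or not location:
            return sent
        location = urljoin(url, location)
        if strip_on_cross_origin:
            headers = headers_for_hop(url, location, headers)
        url = location
    raise RuntimeError("too many redirects")


def demo() -> Dict[str, Dict[str, str]]:
    """Headers that reach the final (cross-origin) hop under each behaviour."""
    return {
        "hardened": follow(START, REQUEST_HEADERS)[-1][1],
        "vulnerable": follow(START, REQUEST_HEADERS, strip_on_cross_origin=False)[-1][1],
    }


if __name__ == "__main__":
    for mode, hdrs in demo().items():
        print(f"{mode:10s} -> {sorted(hdrs)}")
```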
RedhatCVE
added 2026/03/07 1:44 a.m. (4 views)

CVE-2026-29613

OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles optional plugin webhook handler in which it authenticates requests based solely on loopback remoteAddress without validating forwarding headers, allowing bypass of configured webhook passwords. When the gateway operat...

CVSS 8.2, AI score 5.9, EPSS 0.00408
Exploits: 0, References: 1
RedHat Linux
added 2026/03/05 1:38 p.m. (4 views)

undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed without...

CVSS 9.6, AI score 5.8, EPSS 0.01179
Exploits: 0, References: 4
RedHat Linux
added 2026/03/05 1:34 p.m. (8 views)

undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed without...

CVSS 9.6, AI score 5.8, EPSS 0.01179
Exploits: 0, References: 4
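Both the Undertow entries above and the IBM Aspera Orchestrator entry further up turn on a server using the Host header without first checking that it is well formed and expected. The following Python is an added example, not Undertow's or Aspera Orchestrator's code; the allowlist, the URL builder and the sample values are assumptions. It shows a Host parser that accepts only host, host:port, IPv4 and bracketed IPv6 forms, an allowlist check on the parsed host, and a self-referencing URL builder that refuses to run on an untrusted value, which is the point at which cache poisoning and request-to-self SSRF would otherwise start.

```python
"""Host header validation: syntax check plus allowlist before the value is used.

Added example, not Undertow's or IBM Aspera Orchestrator's code. The
allowlist, the URL builder and the sample values are assumptions.
"""
import ipaddress
import re
from typing import Optional, Set, Tuple

# reg-name restricted to DNS-style labels: alnum, hyphen only inside a label,
# dot-separated, optional trailing dot. IPv4 literals also fit this shape.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_REG_NAME = re.compile(rf"^(?:{_LABEL}\.)*{_LABEL}\.?$")
_PORT = re.compile(r"^[0-9]{1,5}$")


def parse_host(value: str) -> Optional[Tuple[str, Optional[int]]]:
    """Return (lower-cased host, port or None) for a well-formed Host value,
    None for anything else: whitespace, path separators, userinfo, empty
    labels, stray colons, empty or out-of-range ports."""
    if not value or any(c.isspace() for c in value):
        return None
    host, port_str = value, None
    if value.startswith("["):
        end = value.find("]")
        if end < 0:
            return None
        host, rest = value[1:end], value[end + 1:]
        try:
            ipaddress.IPv6Address(host)
        except ValueError:
            return None
        if rest:
            if not rest.startswith(":"):
                return None
            port_str = rest[1:]
    else:
        if value.count(":") == 1:
            host, port_str = value.split(":")
        elif ":" in value:
            return None
        if not _REG_NAME.match(host):
            return None
    port = None
    if port_str is not None:
        if not _PORT.match(port_str):
            return None
        port = int(port_str)
        if not 1 <= port <= 65535:
            return None
    return host.lower(), port


def host_allowed(value: str, allowed: Set[str]) -> bool:
    """Syntax check first, then compare the parsed host against the allowlist."""
    parsed = parse_host(value)
    return parsed is not None and parsed[0].rstrip(".") in allowed


def absolute_url(host_header: str, path: str, allowed: Set[str]) -> Optional[str]:
    """Build a self-referencing URL from a validated Host, or None.

    Password-reset links, canonical redirects and internal fetches built from
    the raw header are the usual path to cache poisoning and SSRF-to-self.
    """
    parsed = parse_host(host_header)
    if parsed is None or parsed[0].rstrip(".") not in allowed:
        return None
    host, port = parsed
    netloc = f"[{host}]" if ":" in host else host
    if port and port != 443:
        netloc += f":{port}"
    return f"https://{netloc}{path}"


# Constructed allowlist and sample Host values seen by a single deployment.
ALLOWED = {"app.example.com", "localhost"}
SAMPLE_HOSTS = [
    "app.example.com",
    "App.Example.com:8443",
    "[::1]:8080",
    "app.example.com/evil",             # path smuggled into the host
    "app.example.com@attacker.example", # userinfo trick
    "app.example.com:80:80",            # two colons
    "attacker.example",                 # well formed but not ours
]


def demo() -> dict:
    """Per sample: (parsed form or None, allowed?)"""
    return {h: (parse_host(h), host_allowed(h, ALLOWED)) for h in SAMPLE_HOSTS}


if __name__ == "__main__":
    for h, (parsed, ok) in demo().items():
        print(f"{h!r:38s} parsed={parsed!s:28s} allowed={ok}")
```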
Veracode
added 2026/03/04 4:45 p.m. (7 views)

Denial Of Service (DoS)

github.com/hashicorp/consul is vulnerable to Denial of Service (DoS). The vulnerability is due to incorrect Content-Length header validation, where an attacker can exploit this vulnerability to cause a denial of service...

CVSS 6.5, AI score 5.9, EPSS 0.00402
Exploits: 0, References: 6, Affected Software: 1
ATTACKERKB
added 2026/02/27 7:46 p.m. (4 views)

CVE-2026-27824

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

CVSS 5.3, AI score 5.9, EPSS 0.00148
Exploits: 1, References: 2, Affected Software: 1
EUVD
added 2026/02/27 7:46 p.m. (10 views)

EUVD-2026-9057

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

CVSS 5.3, AI score 5.9, EPSS 0.00148
Exploits: 1, References: 1
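The two calibre entries above (CVE-2026-27824 / EUVD-2026-9057) and the OpenClaw BlueBubbles entry (CVE-2026-29613) further up are two faces of the same mistake: deriving client identity from a header or address that the caller, or an intermediate proxy, controls. The following Python is an added example, not calibre's or OpenClaw's code; the guard, limits, addresses, proxy layout and the simulated attack run are assumptions. It shows a ban key that mixes in X-Forwarded-For being reset on every attempt, the same guard keyed on a proxy-aware client address banning the attacker, and a webhook check that stops treating a loopback remote address as proof of a local caller once a forwarding header is present.

```python
"""Client identity from X-Forwarded-For: what breaks when the header is trusted.

Added example, not calibre's or OpenClaw's code. Covers two entries on this
page: a brute-force ban key that mixes in X-Forwarded-For (calibre) and a
webhook that trusts a loopback remote address (OpenClaw BlueBubbles plugin).
Tracker, limits, addresses and proxy layout are assumptions.
"""
import hmac
import ipaddress
from collections import defaultdict
from typing import Dict, Optional, Set


def ban_key_vulnerable(remote_addr: str, xff: Optional[str]) -> str:
    """Vulnerable shape: the key changes whenever the caller changes the header."""
    return f"{remote_addr}|{xff or ''}"


def client_ip(remote_addr: str, xff: Optional[str], trusted_proxies: Set[str]) -> str:
    """Hardened shape: only a known proxy may speak for the client, and the
    believed hop is the right-most one that is not itself a trusted proxy."""
    if remote_addr not in trusted_proxies or not xff:
        return remote_addr
    for hop in reversed([h.strip() for h in xff.split(",")]):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            continue                      # garbage in the header is ignored
        if hop not in trusted_proxies:
            return hop
    return remote_addr


class BruteForceGuard:
    """Minimal failure counter: `limit` failures on a key bans that key."""

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self.failures: Dict[str, int] = defaultdict(int)

    def is_banned(self, key: str) -> bool:
        return self.failures[key] >= self.limit

    def record_failure(self, key: str) -> None:
        self.failures[key] += 1


# Constructed network: one trusted reverse proxy, one direct attacker.
TRUSTED_PROXIES = {"192.0.2.10"}
ATTACKER = "203.0.113.7"


def run_bruteforce(limit: int = 5, attempts: int = 20, use_vulnerable_key: bool = True) -> int:
    """Attacker connects directly and rotates X-Forwarded-For on every failed
    login. Returns how many attempts reached the password check."""
    guard = BruteForceGuard(limit)
    reached = 0
    for i in range(attempts):
        xff = f"10.0.0.{i}"             # attacker-chosen, different each time
        key = (ban_key_vulnerable(ATTACKER, xff) if use_vulnerable_key
               else client_ip(ATTACKER, xff, TRUSTED_PROXIES))
        if guard.is_banned(key):
            continue
        reached += 1
        guard.record_failure(key)        # every attempt here is a wrong password
    return reached


def webhook_authorized_vulnerable(remote_addr: str, supplied: str, configured: str) -> bool:
    """Vulnerable shape: loopback peer means 'local', password skipped."""
    return ipaddress.ip_address(remote_addr).is_loopback or supplied == configured


def webhook_authorized(remote_addr: str, xff: Optional[str], supplied: str, configured: str) -> bool:
    """Hardened shape: a configured password is always enforced, and loopback
    counts as local only when nothing indicates the request was forwarded."""
    if configured:
        return hmac.compare_digest(supplied.encode(), configured.encode())
    return xff is None and ipaddress.ip_address(remote_addr).is_loopback


if __name__ == "__main__":
    print("attempts reaching password check, XFF in ban key :", run_bruteforce())
    print("attempts reaching password check, proxy-aware key:", run_bruteforce(use_vulnerable_key=False))
    # Reverse proxy on the same host forwards an external request to the webhook.
    print("vulnerable webhook, wrong password via loopback proxy:",
          webhook_authorized_vulnerable("127.0.0.1", "wrong", "s3cret"))
    print("hardened webhook, same request:",
          webhook_authorized("127.0.0.1", ATTACKER, "wrong", "s3cret"))
```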