Lucene search
K

212 matches found

Vulnrichment
Vulnrichment
added 2026/04/01 3:7 p.m.2 views

CVE-2026-4989

Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery SSRF, potentially leading to information disclosure, via a crafted API request. This issue affects Server: from 2026.1.1 through...

5.9AI score0.00162EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 3:7 p.m.10 views

CVE-2026-4989

The CVE-2026-4989 entry describes a vulnerability in Devolutions Server where improper input validation in the gateway health check enables a low-privilege authenticated user to trigger server-side request forgery (SSRF) and potentially disclose information. Affected versions include 2026.1.1–202...

4.3CVSS5.9AI score0.00162EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29541

Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery SSRF, potentially leading to information disclosure, via a crafted API request. This issue affects Server: from 2026.1.1 through...

5.9AI score0.00162EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/05 6:37 a.m.143 views

Blueprint-POC

Sales-to-Delivery Agent Orchestration System - POC Phase 1...

5.9AI score
Exploits0
Huntr
Huntr
added 2026/02/25 7:28 a.m.9 views

Authentication Bypass via endswith() Health Check Exemption Allows Unauthenticated Access to Variables/Secrets in prefecthq/prefect

Description When PREFECTSERVERAPIAUTHSTRING is configured, Prefect Server's authentication middleware exempts any URL path ending with "health" or "ready" to allow health check probes. However, multiple API endpoints accept user-controlled string names as URL path parameters e.g.,...

7.5CVSS7.1AI score0.00476EPSS
Exploits1
Oracle linux
Oracle linux
added 2026/02/24 12:0 a.m.10 views

389-ds-base security update

3.1.3-7 - Bump version to 3.1.3-7 - Resolves: RHEL-117764 - Replication online reinitialization of a large database gets stalled. rhel-10.1.z - Resolves: RHEL-123274 - LDAP high CPU usage while handling indexes with IDL scan limit at INTMAX rhel-10.1.z - Resolves: RHEL-123281 - The new...

7.2CVSS6.2AI score0.01038EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/05 2:53 p.m.6 views

io.quarkus/quarkus-rest: Quarkus REST Worker Thread Exhaustion Vulnerability

A flaw was found in the Quarkus REST HTTP layer. This vulnerability allows remote attackers to cause an application level denial of service by repeatedly dropping client connections while response chunks are being transmitted, leading to worker thread exhaustion...

7.5CVSS5.8AI score0.00349EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/20 3:55 a.m.4 views

EUVD-2026-3513

Malicious code in health-check-node npm...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/01/20 3:55 a.m.4 views

MAL-2026-362 Malicious code in health-check-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d7973f13d7c4d97055a6036168bc96953d8faf1d68944505f62cba678f942e The package health-check-node was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/01/20 3:55 a.m.5 views

Malicious Package

Overview health-check-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/20 3:55 a.m.6 views

Malicious code in health-check-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d7973f13d7c4d97055a6036168bc96953d8faf1d68944505f62cba678f942e The package health-check-node was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:26 a.m.7 views

CVE-2023-4242

The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to obtain sensitive information about...

4.3CVSS5.8AI score0.00432EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 6:15 p.m.6 views

CVE-2025-66560

Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...

7.5CVSS0.00349EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/07 6:9 p.m.13 views

Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write

A vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously written response chunks to be fully transmitted before proceeding. If the client connection is dropped during this waiting period, the...

7.5CVSS6.8AI score0.00349EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/07 5:33 p.m.6 views

CVE-2025-66560 Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write

Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...

5.9CVSS6.5AI score0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/07 5:33 p.m.28 views

CVE-2025-66560 Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write

Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...

5.9CVSS0.00349EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.13 views

PT-2026-1858

Name of the Vulnerable Software and Affected Versions Quarkus versions prior to 3.31.0 Quarkus versions prior to 3.27.2 Quarkus versions prior to 3.20.5 Description Quarkus is a Cloud Native framework for Java applications. A flaw exists in the HTTP layer related to response handling. When writin...

7.5CVSS6.4AI score0.00349EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/19 8:42 p.m.8 views

Malicious code in system-health-check-test-unique (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10bfd6e986187675dd7d7e3a8f860807e408fd6a91694ca0e0128be83fa8fc47 Importing the module exfiltrates content of /var/www/html to a remote host --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7AI score
Exploits0References1
OSV
OSV
added 2025/12/19 8:42 p.m.7 views

MAL-2025-192679 Malicious code in system-health-check-test-unique (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10bfd6e986187675dd7d7e3a8f860807e408fd6a91694ca0e0128be83fa8fc47 Importing the module exfiltrates content of /var/www/html to a remote host --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

6.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/17 10:2 a.m.4 views

CVE-2025-64253

Path Traversal: '.../...//' vulnerability in WordPress.org Health Check & Troubleshooting health-check allows Path Traversal.This issue affects Health Check & Troubleshooting: from n/a through = 1.7.1...

4.9CVSS7AI score0.00419EPSS
Exploits0References1
Rows per page
Query Builder