Lucene search
+L

3176 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-6951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c opti...

9.8CVSS6.5AI score0.00877EPSS
Exploits1References2
OSV
OSV
added 2026/05/04 10:8 p.m.4 views

GHSA-PG67-9WJV-MR85 pyload-ng: non-admin SETTINGS users can redirect all outbound traffic through an attacker-controlled proxy via unrestricted `proxy.*` config (incomplete fix for CVE-2026-33509 / -35463 / -35464 / -35586)

Summary The setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains "proxy", "username" and "proxy", "password" — which protect the proxy credentials — but i...

8.3CVSS6AI score0.00396EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2026/05/04 10:8 p.m.10 views

pyload-ng: non-admin SETTINGS users can redirect all outbound traffic through an attacker-controlled proxy via unrestricted `proxy.*` config (incomplete fix for CVE-2026-33509 / -35463 / -35464 / -35586)

Summary The setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains "proxy", "username" and "proxy", "password" — which protect the proxy credentials — but i...

8.3CVSS6AI score0.00396EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/05/04 8:12 p.m.6 views

GHSA-7VF8-2CR6-54MF Argo vulnerable to exposure of artifact repository credentials

Summary The workflow executor logs all artifact repository credentials S3 access keys, secret keys, GCS service account keys, Azure account keys, Git passwords, etc. in plaintext on artifact operation. Any user with read access to workflow pod logs can extract these credentials. Note: This is an...

8.5CVSS5.8AI score0.00357EPSS
Exploits1References7
Hacker One
Hacker One
added 2026/05/01 5:32 p.m.32 views

curl: libcurl 8.20.0 incomplete fix for CVE-2026-7168: changing only CURLOPT_PROXYPORT leaks stale Proxy Digest auth to a different proxy

Summary: I found an incomplete-fix variant of CVE-2026-7168 in curl 8.20.0. The 8.20.0 fix clears state.proxydigest / state.authproxy when CURLOPTPROXY changes, but not when only CURLOPTPROXYPORT changes. On the same easy handle, request 1 through proxyA CURLOPTPROXYPORT=18197 learns Proxy Digest...

5.3CVSS5.8AI score0.00471EPSS
Exploits1
OSV
OSV
added 2026/05/01 12:30 p.m.6 views

GHSA-VF5J-865M-MQ7C Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41635 Incomplete Fix)

The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: Apache MINA's AbstractIoBuffer.resolveClass contains two branches, one of them for static classes or primitive types does not check the class at all, bypassing the classname...

9.8CVSS6AI score0.00902EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/01 12:30 p.m.11 views

Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41409 Incomplete Fix)

The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a stat...

9.8CVSS7.1AI score0.00657EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/30 2:2 p.m.8 views

Apache Tomcat: Apache Tomcat: Improper Input Validation vulnerability due to incomplete fix

A flaw was found in Apache Tomcat. This improper input validation vulnerability stems from an incomplete fix for a previous security issue CVE-2025-66614. This flaw may allow an attacker to bypass security controls or cause unexpected behavior within the application...

9.1CVSS6.8AI score0.00307EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/30 1:58 p.m.8 views

Apache Tomcat: Apache Tomcat: Improper Input Validation vulnerability due to incomplete fix

A flaw was found in Apache Tomcat. This improper input validation vulnerability stems from an incomplete fix for a previous security issue CVE-2025-66614. This flaw may allow an attacker to bypass security controls or cause unexpected behavior within the application...

9.1CVSS6.8AI score0.00307EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 6:9 p.m.4 views

CVE-2026-41400 OpenClaw < 2026.3.31 - Resource Consumption via Oversized WebSocket Frames in voice-call

OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...

6.9CVSS5.2AI score0.00532EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 6:9 p.m.8 views

EUVD-2026-26108

OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...

8.7CVSS5.2AI score0.00532EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:9 p.m.6 views

CVE-2026-41400

OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...

8.7CVSS5.2AI score0.00532EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/27 12:30 p.m.24 views

Apache MINA Vulnerable to Deserialization of Untrusted Data (CVE-2024-52046 Incomplete Fix)

The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been executed. Affected versions are Apache MINA 2.0.0 =...

10CVSS7.3AI score0.23932EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/21 11:16 p.m.7 views

CVE-2026-41063

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization...

5.4CVSS0.00216EPSS
Exploits2References4
NVD
NVD
added 2026/04/21 11:16 p.m.6 views

CVE-2026-41055

WWBN AVideo is an open source video platform. In versions 29.0 and below, an incomplete SSRF fix in AVideo's LiveLinks proxy adds isSSRFSafeURL validation but leaves DNS TOCTOU vulnerabilities where DNS rebinding between validation and the actual HTTP request redirects traffic to internal...

8.6CVSS0.00377EPSS
Exploits2References4
EUVD
EUVD
added 2026/04/21 11:4 p.m.6 views

EUVD-2026-24561

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS5.7AI score0.00335EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 11:4 p.m.6 views

CVE-2026-41064

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS5.7AI score0.00335EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/04/21 11:4 p.m.49 views

CVE-2026-41064 AVideo has an incomplete fix for CVE-2026-33502 (Command Injection)

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS0.00335EPSS
Exploits1References4
OSV
OSV
added 2026/04/21 11:4 p.m.3 views

CVE-2026-41064 AVideo has an incomplete fix for CVE-2026-33502 (Command Injection)

WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Commit...

9.3CVSS5.9AI score0.00335EPSS
Exploits1References6
CVE
CVE
added 2026/04/21 10:59 p.m.17 views

CVE-2026-41063

CVE-2026-33500 / CVE-2026-41063 (AVideo) : In versions up to 26.0, WWBN AVideo’s custom ParsedownSafeWithLinks sanitizes raw HTML but does not override inlineLink() and inlineUrlTag() in the base Parsedown, so markdown links using [text](javascript:…) or bypass sanitization. Public docs confirm ...

5.4CVSS5.7AI score0.00218EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder