Lucene search
K

122 matches found

GithubExploit
GithubExploit
added 2026/03/10 3:14 p.m.216 views

Exploit for CVE-2026-27944

Nginx UI Discovery Scanner - CVE-2026-27944 Version Detector ht...

9.8CVSS5.9AI score0.22162EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

openSUSE 16 Security Update : gitea-tea (openSUSE-SU-2026:20318-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20318-1 advisory. Changes in gitea-tea: - update to 0.12.0: New Features - Add tea actions commands for managing workflow runs and workflows in 880, 796 - Add tea...

5.3CVSS6AI score0.00502EPSS
Exploits1References4
OSV
OSV
added 2026/03/03 2:44 p.m.1 views

OPENSUSE-SU-2026:20318-1 Security update for gitea-tea

This update for gitea-tea fixes the following issues: Changes in gitea-tea: - update to 0.12.0: New Features - Add tea actions commands for managing workflow runs and workflows in 880, 796 - Add tea api subcommand for arbitrary API calls not covered by existing commands in 879 - Add repository...

5.3CVSS7.5AI score0.00502EPSS
Exploits1References2
NVD
NVD
added 2026/02/06 8:15 a.m.5 views

CVE-2026-21626

Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...

9.2CVSS0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/06 7:49 a.m.5 views

CVE-2026-21626 Extension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for Joomla

Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...

9.2CVSS5.3AI score0.00369EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/06 7:49 a.m.27 views

CVE-2026-21626 Extension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for Joomla

Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...

9.2CVSS0.00369EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/06 7:49 a.m.5 views

CVE-2026-21626

Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...

9.2CVSS5.3AI score0.00369EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2026/02/06 12:36 a.m.160 views

Exploit for Argument Injection in Gnu Inetutils

CVE-2026-24061 GNU inetutils Telnet Detector A safe, passive...

9.8CVSS7.6AI score0.98871EPSS
Exploits61
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.10 views

PT-2026-6689

Name of the Vulnerable Software and Affected Versions EasyDiscuss affected versions not specified Description Access control settings for forum post custom fields are not enforced when data is output in JSON format. This results in an Access Control List ACL bypass, potentially leading to...

9.2CVSS5.4AI score0.00369EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2025/12/13 3:42 a.m.160 views

Exploit for Deserialization of Untrusted Data in Facebook React

next88 - React Server Components RCE Scanner High-performance...

10CVSS7.5AI score0.99562EPSS
Exploits387
Veracode
Veracode
added 2025/12/03 12:49 a.m.9 views

Credential Disclosure

Grype is vulnerable to credential disclosure. The vulnerability is due to improper sanitization of registry credentials in output files generated using the --file or --output json= options, which allows an attacker to obtain exposed registry credentials from the generated output files...

8.2CVSS5.8AI score0.0013EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2025/11/25 8:16 p.m.4 views

CVE-2025-65965

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

8.2CVSS0.0013EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/25 7:36 p.m.8 views

CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

8.2CVSS0.0013EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/25 7:36 p.m.4 views

CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

8.2CVSS6.2AI score0.0013EPSS
Exploits0References3
CVE
CVE
added 2025/11/25 7:36 p.m.19 views

CVE-2025-65965

CVE-2025-65965 affects Grype versions 0.68.0–0.104.0 . If registry credentials are configured and Grype output is written with --file or --output json= , the credentials can be included in the output file in an unsanitized form. A fix is available in 0.104.1 . Workaround: avoid those options and ...

8.2CVSS6.2AI score0.0013EPSS
Exploits0References3
OSV
OSV
added 2025/11/25 7:36 p.m.5 views

CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

8.2CVSS6.5AI score0.0013EPSS
Exploits0References5
OSV
OSV
added 2025/11/25 6:12 p.m.4 views

GO-2025-4160 Grype has a credential disclosure vulnerability in its JSON output in github.com/anchore/grype

Grype has a credential disclosure vulnerability in its JSON output in github.com/anchore/grype...

8.2CVSS6.7AI score0.0013EPSS
Exploits0References3
Snyk
Snyk
added 2025/11/25 2:18 p.m.3 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the form of registry credentials in JSON output files. When registry authentication is configured, an attacker can obtain registry credentials or other values e.g...

8.2CVSS6.9AI score0.0013EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/25 2:18 p.m.3 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the form of registry credentials in JSON output files. When registry authentication is configured, an attacker can obtain registry credentials or other values e.g...

8.2CVSS6.9AI score0.0013EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/11/25 2:18 p.m.8 views

Grype has a credential disclosure vulnerability in its JSON output

A credential disclosure vulnerability was found in Grype, affecting versions v0.68.0 through v0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registry credentials will be included unsanitized in the output file. Impact...

8.2CVSS6.8AI score0.0013EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder