122 matches found
Exploit for CVE-2026-27944
Nginx UI Discovery Scanner - CVE-2026-27944 Version Detector ht...
openSUSE 16 Security Update : gitea-tea (openSUSE-SU-2026:20318-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20318-1 advisory. Changes in gitea-tea: - update to 0.12.0: New Features - Add tea actions commands for managing workflow runs and workflows in 880, 796 - Add tea...
OPENSUSE-SU-2026:20318-1 Security update for gitea-tea
This update for gitea-tea fixes the following issues: Changes in gitea-tea: - update to 0.12.0: New Features - Add tea actions commands for managing workflow runs and workflows in 880, 796 - Add tea api subcommand for arbitrary API calls not covered by existing commands in 879 - Add repository...
CVE-2026-21626
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...
CVE-2026-21626 Extension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for Joomla
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...
CVE-2026-21626 Extension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for Joomla
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...
CVE-2026-21626
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...
Exploit for Argument Injection in Gnu Inetutils
CVE-2026-24061 GNU inetutils Telnet Detector A safe, passive...
PT-2026-6689
Name of the Vulnerable Software and Affected Versions EasyDiscuss affected versions not specified Description Access control settings for forum post custom fields are not enforced when data is output in JSON format. This results in an Access Control List ACL bypass, potentially leading to...
Exploit for Deserialization of Untrusted Data in Facebook React
next88 - React Server Components RCE Scanner High-performance...
Credential Disclosure
Grype is vulnerable to credential disclosure. The vulnerability is due to improper sanitization of registry credentials in output files generated using the --file or --output json= options, which allows an attacker to obtain exposed registry credentials from the generated output files...
CVE-2025-65965
Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...
CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output
Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...
CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output
Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...
CVE-2025-65965
CVE-2025-65965 affects Grype versions 0.68.0–0.104.0 . If registry credentials are configured and Grype output is written with --file or --output json= , the credentials can be included in the output file in an unsanitized form. A fix is available in 0.104.1 . Workaround: avoid those options and ...
CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output
Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...
GO-2025-4160 Grype has a credential disclosure vulnerability in its JSON output in github.com/anchore/grype
Grype has a credential disclosure vulnerability in its JSON output in github.com/anchore/grype...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the form of registry credentials in JSON output files. When registry authentication is configured, an attacker can obtain registry credentials or other values e.g...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the form of registry credentials in JSON output files. When registry authentication is configured, an attacker can obtain registry credentials or other values e.g...
Grype has a credential disclosure vulnerability in its JSON output
A credential disclosure vulnerability was found in Grype, affecting versions v0.68.0 through v0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registry credentials will be included unsanitized in the output file. Impact...