68 matches found

OSV
added 2025/09/10 2:15 p.m. · 5 views

CVE-2025-56406

An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to obtain sensitive information or execute arbitrary commands via the SSE service. NOTE: the Supplier's position is that authentication is not mandatory for MCP servers, and the mcp-neo4j MCP server is only intended for use in a local...

CVSS 7.5 · AI score 6 · EPSS 0.00448
Exploits: 0 · References: 3

GithubExploit
added 2025/09/08 4:4 a.m. · 148 views

CWEXploit

This is a PoC Proof of Concept exploit for various CWE Common...

AI score 7.4
Exploits: 0

Cvelist
added 2025/05/30 3:37 a.m. · 36 views

CVE-2025-48068 Information exposure in Next.js dev server due to lack of origin verification

Next.js is a React framework for building full-stack web applications. In versions starting from 13.0 to before 14.2.30 and 15.0.0 to before 15.2.2, Next.js may have allowed limited source code exposure when the dev server was running with the App Router enabled. The vulnerability only affects...

CVSS 2.3 · EPSS 0.00166
Exploits: 0 · References: 2

GithubExploit
added 2025/04/24 10:53 a.m. · 589 views

Exploit for CVE-2025-30208

CVE-2025-30208 & CVE-2025-31125 & CVE-2025-31486 1. Overvie...

CVSS 5.3 · AI score 6.8 · EPSS 0.76736
Exploits: 35

Snyk
added 2024/11/05 12:31 a.m. · 8 views

Arbitrary Code Injection

Overview: langflow is a Python package with a built-in web application. Affected versions of this package are vulnerable to Arbitrary Code Injection through any components that provided the code functionality running on the local machine rather than a sandboxed environment. An attacker can execu...

CVSS 10 · AI score 7.8 · EPSS 0.01318
Exploits: 2 · References: 2

Positive Technologies
added 2024/04/09 12:0 a.m. · 6 views

PT-2024-2807 · Microsoft · Azure Migrate

Name of the Vulnerable Software and Affected Versions: Azure Migrate, affected versions not specified. Description: The issue is related to improper authorization in the Azure Migrate service for transferring data from a local environment. Exploitation of this issue may allow a remote attacker to...

CVSS 6.5 · AI score 9.1 · EPSS 0.00854
Exploits: 0 · References: 5

Veracode
added 2024/04/05 6:59 a.m. · 25 views

Information Exposure

Quarkus-core is vulnerable to Information Exposure. The vulnerability is due to the capture of local environment variables from the Quarkus namespace during the build process, leading to applications inheriting potentially sensitive or test-specific settings at runtime...

CVSS 7 · AI score 6.8 · EPSS 0.00286
Exploits: 0 · References: 10 · Affected Software: 1

Github Security Blog
added 2024/04/04 3:30 p.m. · 45 views

quarkus-core leaks local environment variables from Quarkus namespace during application's build

A vulnerability was found in the quarkus-core component. Quarkus captures the local environment variables from the Quarkus namespace during the application's build. Thus, running the resulting application inherits the values captured at build time. However, some local environment variables may ha...

CVSS 7 · AI score 6.9 · EPSS 0.00286
Exploits: 0 · References: 16 · Affected Software: 1

NVD
added 2024/04/04 2:15 p.m. · 63 views

CVE-2024-2700

A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been...

CVSS 7 · AI score 7 · EPSS 0.00286
Exploits: 0 · References: 8

Cvelist
added 2024/04/04 1:46 p.m. · 80 views

CVE-2024-2700 Quarkus-core: leak of local configuration properties into quarkus applications

A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been...

CVSS 7 · AI score 7 · EPSS 0.00286
Exploits: 0 · References: 8

Positive Technologies
added 2024/04/04 12:0 a.m. · 5 views

PT-2024-21609 · Quarkus · Quarkus

Name of the Vulnerable Software and Affected Versions: Quarkus, affected versions not specified. Description: A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, and the resulting applicatio...

CVSS 7 · AI score 7.7 · EPSS 0.00286
Exploits: 0 · References: 24

Prion
added 2024/01/30 7:15 a.m. · 19 views

Server side request forgery (ssrf)

A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment...

CVSS 5 · AI score 7 · EPSS 0.00609
Exploits: 1 · References: 1 · Affected Software: 1

Prion
added 2023/10/17 12:15 a.m. · 16 views

Server side request forgery (ssrf)

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 1.4 · AI score 3.9 · EPSS 0.00302
Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2023/10/16 11:34 p.m. · 35 views

CVE-2023-45152 Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2 · AI score 3.8 · EPSS 0.00302
Exploits: 1 · References: 2

NVD
added 2022/06/14 9:15 a.m. · 27 views

CVE-2022-27176

Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions when using 'File Sanitization Option', and RevoWorks Desktop 2.1.84 and prior versions when using 'File...

CVSS 7.8 · EPSS 0.00579
Exploits: 0 · References: 2

Prion
added 2022/06/14 9:15 a.m. · 14 views

Design/Logic Flaw

Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions when using 'File Sanitization Option', and RevoWorks Desktop 2.1.84 and prior versions when using 'File...

CVSS 6.8 · AI score 7.5 · EPSS 0.00579
Exploits: 0 · References: 2 · Affected Software: 3

Cvelist
added 2022/06/14 7:5 a.m. · 22 views

CVE-2022-27176

Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions when using 'File Sanitization Option', and RevoWorks Desktop 2.1.84 and prior versions when using 'File...

AI score 7.7 · EPSS 0.00579
Exploits: 0 · References: 2

OSV
added 2021/09/17 2:15 a.m. · 4 views

CVE-2021-20791

Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors...

CVSS 9.3 · AI score 7.3 · EPSS 0.00815
Exploits: 0 · References: 2

Veracode
added 2020/10/16 5:17 a.m. · 8 views

Malicious Package

nodetest199 is a malicious package. The package contains malicious code in index.js which sends local environment variables to a remote server. The malicious code does not execute upon installation...

AI score 4.2
Exploits: 0

IBM Security Bulletins
added 2019/12/20 1:51 p.m. · 39 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Watson Studio Local

Summary: Multiple Vulnerabilities in OpenSSL affect IBM Watson Studio Local. Vulnerability Details: CVEID: CVE-2018-0734. DESCRIPTION: The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to...

CVSS 7.5 · AI score 0.8 · EPSS 0.49268
Exploits: 4 · Affected Software: 1