Lucene search
K

11 matches found

CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

Vikunja 安全漏洞

Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of the Size field in JSON metadata at the file import endpoint for size checks, rather than the actual...

7.1CVSS5.8AI score0.00338EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

frontmcp 代码问题漏洞

FrontMCP is an open-source MCP server development framework based on TypeScript, created by AgentFront. Versions of FrontMCP prior to 2.3.0 had code-related vulnerabilities. These vulnerabilities stemmed from the lack of restrictions on URL reference resolution, which could lead to server-side...

7.5CVSS5.8AI score0.00319EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/05 5:37 p.m.3 views

CVE-2025-55204 muffon has One-click Remote Code Execution via XSS and Custom URL Handling

muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution RCE vulnerability in. An attacker can exploit this issue by embedding a specially crafted muffon:// link on any website they control. When a victim visits the site or clic...

8.8CVSS6.7AI score0.00599EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/09/24 8:25 p.m.3 views

CVE-2025-59833 FlagForgeCTF Hint Exposure via API

Flag Forge is a Capture The Flag CTF platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free,...

7.5CVSS6.4AI score0.00323EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 5:15 p.m.4 views

CVE-2025-27559

Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Intel QAT 代码问题漏洞

Intel QAT software refers to the collection of software components that support Intel QuickAssist technology. A code issue vulnerability exists in Intel QAT software that stems from an uncontrolled search path that can be exploited by an attacker to cause a local elevation of privilege...

6.7CVSS6.5AI score0.00129EPSS
Exploits0References2
OSV
OSV
added 2025/02/27 3:28 p.m.9 views

CVE-2025-1756 MongoDB Shell may be susceptible to local privilege escalation in Windows

mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\nodemodules. This issue affects mongosh prior to 2.3.0...

7.5CVSS5.9AI score0.00138EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.6 views

PT-2024-31543

Name of the Vulnerable Software and Affected Versions PHPSpreadsheet versions prior to 1.29.2 PHPSpreadsheet versions prior to 2.1.1 PHPSpreadsheet versions prior to 2.3.0 Description It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XL...

8.8CVSS6.4AI score0.00792EPSS
Exploits2References14
OSV
OSV
added 2023/02/13 10:15 p.m.3 views

UBUNTU-CVE-2023-0819

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV...

7.8CVSS7.1AI score0.0043EPSS
Exploits1References4
CNVD
CNVD
added 2015/02/13 12:0 a.m.73 views

Radexscript CMS 'SEARCH_TERMS' Parameter SQL Injection Vulnerability

Redaxscript is a free content management system CMS based on PHP and MySQL. The system is mainly used for small businesses and private site builders. A SQL injection vulnerability exists in the 'searchpost' function in the includes/search.php script in Redaxscript versions prior to 2.3.0. A remot...

7.5CVSS8.6AI score0.02397EPSS
Exploits5References1
Positive Technologies
Positive Technologies
added 1970/01/01 12:0 a.m.14 views

PT-2001-2674 · Isc +3 · Inn2-Inews +8

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 2.3.0 ssh-1 versions prior to 1.2.31 Debian GNU/Linux affected versions not specified Description: The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including...

10CVSS8.3AI score0.99506EPSS
Exploits207References346
Rows per page
Query Builder