Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/31 4:56 p.m.7 views

CVE-2026-34361

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

9.3CVSS5.8AI score0.00299EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/31 4:56 p.m.6 views

CVE-2026-34361 HAPI FHIR: Unauthenticated SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

9.3CVSS5.8AI score0.00299EPSS
Exploits1References3
OSV
OSV
added 2026/03/13 7:54 p.m.6 views

UBUNTU-CVE-2026-23942

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...

5.4CVSS5.8AI score0.00363EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/13 9:11 a.m.27 views

CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...

5.3CVSS0.00363EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/09/02 5:14 p.m.7 views

MobSF Path Traversal in GET /download/<filename> using absolute filenames

Summary The GET /download/ route uses string path verification via os.path.commonprefix, which allows an authenticated user to download files outside the DWDDIR download directory from "neighboring" directories whose absolute paths begin with the same prefix as DWDDIR e.g., .../downloadsbak,...

5.3CVSS6.9AI score0.0073EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2015/12/27 12:0 a.m.4 views

MediaWiki Information Disclosure Vulnerability (CNVD-2015-08498)

MediaWiki is a suite of free and freely available web-based wiki engines that can be used to deploy in-house knowledge management and content management systems. MediaWiki fails to properly handle the '@' prefix, allowing remote attackers to upload files from the server side and obtain sensitive...

7.5CVSS9.3AI score0.01805EPSS
Exploits0References1
Rows per page
Query Builder