Lucene search
K

15 matches found

AlpineLinux
AlpineLinux
added 2026/05/13 7:28 p.m.13 views

CVE-2026-28376

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/05 2:10 a.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the verifyBlob in the Model Pull API that improperly verifies manifest containing both config and layer digests. An attacker can access internal resources or services by sending crafted requests...

6.5CVSS6.6AI score0.00288EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-16927

Malware in sbrugna...

8.2CVSS8.6AI score0.01605EPSS
Exploits0References8
CVE
CVE
added 2025/08/12 3:48 p.m.35 views

CVE-2025-54864

CVE-2025-54864 affects Hydra (Nix-based CI) where the endpoints /api/push-github and /api/push-gitea were called without HTTP Basic authentication, despite the forges implementing HMAC with a secret key. The root cause is missing authentication on those calls, enabling heavy evaluations that can ...

7.5CVSS7AI score0.00359EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Push API interface on Mozilla Firefox’s browser allows a perpetrator to gain unauthorized access to protected information or cause a service failure.

The vulnerability of the Push API interface of Mozilla Firefox’s browser is related to a lack of mechanisms for verifying input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause service failures...

8.5CVSS7.7AI score0.01605EPSS
Exploits0References7Affected Software3
NVD
NVD
added 2021/01/29 7:15 a.m.16 views

CVE-2020-29005

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure...

7.5CVSS7.3AI score0.00655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/08/21 12:0 a.m.28 views

Mozilla Firefox < 59 Multiple Vulnerabilities

Binary data 700328.prm...

9.8CVSS7.3AI score0.12054EPSS
Exploits2References21
NVD
NVD
added 2018/06/11 9:29 p.m.16 views

CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

8.2CVSS7.5AI score0.01605EPSS
Exploits0References5
Prion
Prion
added 2018/06/11 9:29 p.m.15 views

Design/Logic Flaw

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

6.4CVSS8.1AI score0.01605EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2018/06/11 9:0 p.m.132 views

CVE-2018-5141

CVE-2018-5141 is a vulnerability in the Firefox Push API where notifications can be triggered by web content via service workers without direct user interaction, potentially allowing opening new tabs or displaying content from arbitrary URLs. The connected documents confirm this affects Firefox v...

8.2CVSS8.1AI score0.01605EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.24 views

CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

8.2AI score0.01605EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2018/06/11 9:0 p.m.20 views

CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

8.2CVSS9.1AI score0.01605EPSS
Exploits0
OSV
OSV
added 2018/03/14 12:0 a.m.6 views

UBUNTU-CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

8.2CVSS7.4AI score0.01605EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/03/14 12:0 a.m.36 views

CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

8.2CVSS7.2AI score0.01605EPSS
Exploits0References3
Mozilla
Mozilla
added 2018/03/13 12:0 a.m.539 views

Security vulnerabilities fixed in Firefox 59 — Mozilla

A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash. A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially...

9.8CVSS0.3AI score0.08024EPSS
Exploits2References19Affected Software1
Rows per page
Query Builder