104 matches found
CVE-2026-55229
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.34.0, Gotenberg's /forms/libreoffice/convert endpoint allows a specially crafted document to cause LibreOffice to automatically retrieve external HTTPS resources and local file resources during document conversion, enabling bli...
DEBIAN-CVE-2026-12243
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...
CVE-2026-12243
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...
UBUNTU-CVE-2026-12243
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...
CVE-2026-12243
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...
EUVD-2026-40240
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...
CVE-2026-21785
CVE-2026-21785 relates to a misconfigured Content Security Policy (CSP) in HCL BigFix Remote Control Server WebUI (versions ≤ 10.1.0.0442). The CSP failures occur because directives are defined without fallbacks, enabling attackers to bypass intended security restrictions and load unauthorized re...
EUVD-2026-19586
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances when creating a Stomp consumer and also browsing messages in the Web console an authenticated user provided "key" value could be...
CVE-2026-33227
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ. In two instances when creating a Stomp consumer and also browsing messages in the Web console an authenticated...
UBUNTU-CVE-2026-33227
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ. In two instances when creating a Stomp consumer and also browsing messages in the Web console an authenticated...
PT-2026-30804
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Client versions prior to 5.19.3, from 6.0.0 through 6.2.2 Apache ActiveMQ Broker versions prior to 5.19.3, from 6.0.0 through 6.2.2 Apache ActiveMQ All versions prior to 5.19.3, from 6.0.0 through 6.2.2 Description An improper...
Apache ActiveMQ 安全漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from improper class path name validation and...
CVE-2026-34442
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version http://localhost:8080/system/status allows an attacker to inject an arbitrary domain into generated absolute URLs. This leads to External...
CVE-2026-34442
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version http://localhost:8080/system/status allows an attacker to inject an arbitrary domain into generated absolute URLs. This leads to External...
CVE-2026-34442 FreeScout: Host Header Injection Leading to External Resource Loading and Open Redirect in FreeScout
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version http://localhost:8080/system/status allows an attacker to inject an arbitrary domain into generated absolute URLs. This leads to External...
EUVD-2026-17673
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version http://localhost:8080/system/status allows an attacker to inject an arbitrary domain into generated absolute URLs. This leads to External...
CVE-2026-34442 FreeScout: Host Header Injection Leading to External Resource Loading and Open Redirect in FreeScout
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version http://localhost:8080/system/status allows an attacker to inject an arbitrary domain into generated absolute URLs. This leads to External...
CVE-2026-34442
FreeScout (PHP/Laravel) is affected prior to version 1.8.211 due to host header manipulation in-generated absolute URLs. The vulnerability arises because the application uses the unvalidated Host header to construct links and assets, enabling External Resource Loading and Open Redirects to attack...
CVE-2026-34442 FreeScout: Host Header Injection Leading to External Resource Loading and Open Redirect in FreeScout
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version http://localhost:8080/system/status allows an attacker to inject an arbitrary domain into generated absolute URLs. This leads to External...
VulnCheck KEV: CVE-2025-32355
Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the proxy is misconfigured in a way that allows specifying absolute URLs in the HTTP request line, causing the proxy to load the given resource...