Lucene search
K

263 matches found

RedhatCVE
RedhatCVE
added 2026/04/14 9:30 p.m.5 views

CVE-2026-34984

A flaw was found in External Secrets Operator. An attacker with the ability to create or update templated ExternalSecret resources can exploit a vulnerability in the v2 template engine. This flaw allows the attacker to use the getHostByName function to perform controller-side DNS lookups, leading...

7.1CVSS5.7AI score0.00262EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Dell ObjectScale和Dell Elastic Cloud Storage 日志信息泄露漏洞

Dell ObjectScale and Dell Elastic Cloud Storage are products of the American company Dell. Dell ObjectScale is an object storage platform. Dell Elastic Cloud Storage is a large-scale storage platform. Versions of Dell Elastic Cloud Storage 3.8.1.7 and earlier, as well as Dell ObjectScale versions...

7.8CVSS5.8AI score0.00107EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/03 7:10 p.m.6 views

Malicious code in strapi-plugin-advanced-uuid (npm)

strapi-plugin-advanced-uuid is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/29 12:0 a.m.3 views

PT-2026-28496

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.17 Description OpenClaw creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. An attacker with local access can read these transcript...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.7 views

Tillitis TKey Client package 安全漏洞

The Tillitis TKey Client package is an open-source client library in Go language developed by Tillitis AB, designed for controlling hardware security keys. Versions of the Tillitis TKey Client package prior to 1.2.0 contained security vulnerabilities. These vulnerabilities were caused by buffer...

4.7CVSS6.5AI score0.00246EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/12 1:43 p.m.7 views

CVE-2025-54170

An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and later...

7.1CVSS5.5AI score0.00492EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/12 1:42 p.m.6 views

CVE-2024-56807

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

5.5CVSS5.4AI score0.00107EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.5 views

CVE-2025-54170

An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and later...

6.5CVSS5.8AI score0.00492EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.14 views

CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

7.1CVSS0.00336EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.12 views

CVE-2025-54170

An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and later...

7.1CVSS0.00492EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.4 views

CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

6.5CVSS5.8AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.6 views

CVE-2024-56807

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

5.5CVSS5.7AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 12:20 p.m.5 views

CVE-2024-56807 Media Streaming add-on

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

5.1CVSS5.4AI score0.00107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:20 p.m.5 views

CVE-2024-56807

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

5.1CVSS5.4AI score0.00107EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/11 12:20 p.m.22 views

CVE-2024-56807 Media Streaming add-on

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

5.1CVSS0.00107EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 12:19 p.m.4 views

CVE-2025-30269 Qsync Central

A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync...

2.3CVSS5.5AI score0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 12:19 p.m.11 views

CVE-2025-30269

Qsync Central is affected by a use of externally-controlled format string vulnerability. The issue allows a remote attacker who gains a user account to potentially obtain secret data or modify memory. Root cause: externally-controlled format strings in the affected component. A fixed version is a...

8.1CVSS5.5AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/11 12:17 p.m.25 views

CVE-2025-54169 File Station 5

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

7.1CVSS0.00336EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:17 p.m.6 views

CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

7.1CVSS5.5AI score0.00336EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/11 12:17 p.m.14 views

CVE-2025-54169

CVE-2025-54169 affects File Station 5. A remote attacker who has a user account can exploit an out-of-bounds read to access secret data. The vulnerability is characterized by NETWORK attack vector, low attack complexity, and no user interaction, with a CVSS v4.0 base score of 7.1 (HIGH). The impa...

7.1CVSS5.5AI score0.00336EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder