Lucene search
K

33 matches found

NVD
NVD
added 2026/03/29 6:16 p.m.5 views

CVE-2026-0558

A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint does not enforce authentication, unlike other file-related endpoints, and lacks the Dependsgetcurrentactiveus...

9.8CVSS0.0043EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/29 5:53 p.m.21 views

CVE-2026-0558 Unauthenticated File Upload in parisneo/lollms

A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint does not enforce authentication, unlike other file-related endpoints, and lacks the Dependsgetcurrentactiveus...

7.5CVSS0.0043EPSS
Exploits1References2
Hacker One
Hacker One
added 2026/01/17 3:4 a.m.16 views

AWS VDP: Password Reuse Vulnerability on AWS Sign-in Page via Password Reset Flow leads to Security Policy Violation

Asset URL: ██████ Summary: The AWS sign-in page allows users to reuse old passwords when resetting their password, which violates security best practices outlined in OWASP Authentication Cheat Sheet and NIST 800-63B Digital Identity Guidelines. This misconfiguration could potentially weaken accou...

5.6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-4024

Malware in sbrugna...

2.1CVSS8.9AI score0.0174EPSS
Exploits1References33
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-1337

Malware in sbrugna...

4.6CVSS6.4AI score0.00354EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-6978

Malware in sbrugna...

4.3CVSS5.2AI score0.0059EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27888

Malicious code in bioql PyPI...

6.5CVSS7.9AI score0.00646EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-22745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 9...

6.5CVSS7.6AI score0.00646EPSS
Exploits0References2
CNVD
CNVD
added 2022/12/30 12:0 a.m.7 views

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2023-59952)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an information disclosure vulnerability that stems from a Securitypolicyviolation event that could disclose cross-domain URLs, which could be exploited by an attacker to...

6.5CVSS6.2AI score0.00646EPSS
Exploits0References1
OSV
OSV
added 2022/12/22 8:15 p.m.10 views

CVE-2022-22745

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

6.5CVSS8.7AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.6 views

CVE-2022-22745

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

5.8AI score0.00646EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/12/22 12:0 a.m.26 views

CVE-2022-22745

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

7.3AI score0.00646EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2022-0019)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.9AI score0.0134EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2022/01/21 12:0 a.m.41 views

SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2022:0137-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0137-1 advisory. - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT bsc1194547. - CVE-2022-22737: Fixed race condition when playing audio files...

10CVSS6.8AI score0.01344EPSS
Exploits6References30
UbuntuCve
UbuntuCve
added 2022/01/13 12:0 a.m.36 views

CVE-2022-22745

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

6.5CVSS6.8AI score0.00646EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/01/12 12:27 p.m.3 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/12 12:21 p.m.5 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/12 12:4 p.m.9 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/12 12:4 p.m.3 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/12 11:48 a.m.3 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
Rows per page
Query Builder