Lucene search
+L

180 matches found

Nuclei
Nuclei
added 13 hours ago7 views

OneUptime < 10.0.21 - Path Traversal

OneUptime 10.0.21 contains a path traversal caused by unsanitized componentName parameter in /workflow/docs/:componentName endpoint, letting unauthenticated attackers read arbitrary files from the server filesystem. id: CVE-2026-30958 info: name: OneUptime 10.0.21 - Path Traversal author:...

8.6CVSS8.6AI score0.01102EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago71 views

Vite server.fs.deny Bypass - Local File Inclusion

Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be returned to the browser. By adding ?.svg with ?.wasm?init or with sec-fetch-dest- script header, the server.fs.deny restriction was able to bypass. This bypass is only possible if the file is smaller than...

5.3CVSS6.8AI score0.38685EPSS
Exploits7References5
The Hacker News
The Hacker News
added 4 days ago9 views

Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bashhistory. From that one lapse, French security firm Lexfo...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/09 5:27 p.m.7 views

CVE-2026-59720

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, mock server creation in mock-server.service.ts does not persist the isPublic input field while schema.prisma defaults isPublic to true, causing mock servers linked to private collections to be publicly accessible without...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/07 10:4 p.m.7 views

CVE-2026-14380

DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the package part in a string eval with no validation of the package...

6.3AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 11:45 a.m.5 views

PYSEC-2026-1292 dbt allows Binding to an Unrestricted IP Address via socketsocket

Summary Binding to INADDRANY 0.0.0.0 or IN6ADDRANY :: exposes an application on all network interfaces, increasing the risk of unauthorized access. While doing some static analysis and code inspection, I found the following code binding a socket to INADDRANY by passing "" as the address. This...

5.3CVSS5.8AI score0.0071EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.14 views

PT-2026-55477

Name of the Vulnerable Software and Affected Versions Algernon version 1.17.8 Description On Windows hosts using the NTFS filesystem, an unauthenticated client can retrieve the raw source code of server-side scripts such as .lua, .tl, .po2, .amber, or .frm located on public paths. This occurs...

8.7CVSS6.1AI score0.00077EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/01 4:20 p.m.39 views

CVE-2026-34111 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac_text.php

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmactext.php line 18 without sanitization: exec"php jobs/speechaudiomactext.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00549EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-258 Aim path traversal in LockManager.release_locks

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS7.5AI score0.00849EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/26 10:31 p.m.10 views

CVE-2026-48936

A flaw was found in Node.js. The Node.js Permission API can allow a local server to be started through a Unix domain socket, even when the --allow-net permission is not explicitly granted. This bypasses intended security restrictions, potentially leading to unintended local network exposure or...

3.3CVSS5.6AI score0.00154EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/26 8:13 p.m.18 views

Exposed Dangerous Method or Function

Overview nx is a The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the local HTTP server's permissive CORS policy, which sends...

6CVSS6.1AI score0.00812EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5620 esm.sh: Path Traversal via package.json browser field allows reading arbitrary server files in github.com/esm-dev/esm.sh

esm.sh: Path Traversal via package.json browser field allows reading arbitrary server files in github.com/esm-dev/esm.sh...

7.5CVSS5.9AI score0.00321EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 p.m.8 views

CVE-2026-12473

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

8.3CVSS0.00232EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.7 views

PT-2026-56267

Name of the Vulnerable Software and Affected Versions Anki versions prior to 25.09.3 Description Anki launches a local HTTP server to serve media files and web pages for its interface. The server does not sufficiently block requests from other origins, allowing a malicious website to trigger...

8.7CVSS6.1AI score0.00181EPSS
Exploits0References11
OSV
OSV
added 2026/06/15 5:17 p.m.13 views

GHSA-FX2H-PF6J-XCFF vite: `server.fs.deny` bypass on Windows alternate paths

Summary The contents of files that are specified by server.fs.deny can be returned to the browser on Windows. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - the sensitive file...

8.2CVSS5.4AI score0.00393EPSS
Exploits2References3
Snyk
Snyk
added 2026/06/12 8:12 p.m.8 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the handleLogIn and verifyPassword user...

8.2CVSS5.4AI score0.00251EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 12:51 p.m.10 views

EUVD-2026-36419

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...

5.9CVSS5.2AI score0.00208EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/12 12:51 p.m.29 views

CVE-2026-45670 Nuxt: Dev server exposes built source over LAN to malicious sites (incomplete fix for GHSA-4gf7-ff8x-hq99)

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...

5.9CVSS0.00208EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.14 views

SUSE CVE-2026-47734

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

6.5CVSS5.3AI score0.00188EPSS
Exploits0References4
OSV
OSV
added 2026/06/11 3:38 p.m.2 views

CVE-2026-44487 Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’s Node.js HTTP adapter may forward a Proxy-Authorization header to a redirected origin during specific proxy-to-direct redirect flows. This affects Node.js usage, where an initial HTTP request is...

8.2CVSS5.9AI score0.00664EPSS
Exploits1References35
Rows per page
Query Builder