80 matches found
CVE-2026-34048
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes...
EUVD-2026-41995
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes...
CVE-2026-34048 Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes...
CVE-2026-34047
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket bootstrap routes did not enforce the expected authorization middleware, allowing an authenticated user to access terminal functionality for resources...
PT-2026-56131
Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.471 Description Terminal websocket bootstrap routes only verify authentication but fail to enforce terminal authorization. This allows a low-privileged team member to connect to these routes and execute...
CVE-2026-10054
In affected versions of Eclipse Theia 1.8.1 and later, the browser backend exposes privileged terminal RPC over WebSocket /services/shell-terminal, /services/terminals/:id without service-level authentication. WebSocket origin validation in @theia/core is fail-open: connections are accepted when...
GHSA-Q6XX-5VR8-P898 Nezha vulnerable to cross-tenant terminal/file-manager session hijack via WebSocket stream UUID without ownership check
Summary In nezha v1.14.13–v1.14.14 and v2.0.0–v2.0.9, the WebSocket endpoints GET /ws/terminal/:id and GET /ws/file/:id authenticate the caller only by the presence of a valid stream UUID, with no ownership check tying that UUID to the user who created the stream. Any authenticated dashboard user...
[SECURITY] Fedora 43 Update: rust-oo7-cli-0.4.3-5.fc43
System keyring access from the terminal...
Cross-site Scripting (XSS)
Overview @jupyterlab/apputils-extension is a JupyterLab - Application Utilities Extension Affected versions of this package are vulnerable to Cross-site Scripting XSS via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute...
GHSA-RCH3-82JR-F9W9 Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS
Impact A stored Cross-Site Scripting XSS vulnerability in Jupyter Notebook allows attackers to steal authentication tokens from users who open malicious notebook files and interact with elements that the attacker can make look indistinguishable from legitimate controls single click interaction. T...
Missing Authentication For Critical Function
marimo is vulnerable to Missing Authentication For Critical Function. The vulnerability is due to missing authentication validation in the /terminal/ws WebSocket endpoint, which allows an attacker to establish a shell and execute arbitrary system commands without authentication...
[SECURITY] Fedora 43 Update: rust-oo7-cli-0.4.3-4.fc43
System keyring access from the terminal...
USN-7978-1: GNU Screen vulnerabilities
It was discovered that GNU Screen incorrectly handled signals when setuid or setgid privileges were being used, which is not the default in Ubuntu. A local attacker could use this issue to send privileged signals, possibly leading to a denial of service. This issue only affected Ubuntu 22.04 LTS...
CVE-2010-0537
DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in certain circumstances involving an application's save panel, which allows user-assisted remote attackers to trigger unintended remote file copying via a crafted share name...
CVE-2025-36131
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system...
CVE-2025-36131 IBM Db2 information disclosure
IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system...
EUVD-2013-6963
Malware in sbrugna...
EUVD-2014-2962
Malware in sbrugna...
EUVD-2005-2512
Malware in sbrugna...
EUVD-2005-3256
Malware in sbrugna...