Lucene search
K

57 matches found

Cvelist
Cvelist
added 2026/07/04 12:0 p.m.36 views

CVE-2026-14626 NousResearch hermes-agent HTTP API run_agent.py AIAgent.run_conversation denial of service

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...

5.3CVSS0.00277EPSS
Exploits0References5
CVE
CVE
added 2026/07/04 12:0 p.m.21 views

CVE-2026-14626

NousResearch hermes-agent (up to 2026.4.30), specifically the HTTP API component and AIAgent.run_conversation in run_agent.py, is vulnerable. The issue arises from manipulation of the todos argument, enabling remote denial of service. Public exploit is noted, and the vendor was contacted without ...

5.3CVSS5.6AI score0.00277EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.13 views

PT-2026-55696

Name of the Vulnerable Software and Affected Versions NousResearch hermes-agent versions prior to 2026.4.31 Description A weakness in the HTTP API component allows a remote attacker to cause a denial of service. The issue exists within the AIAgent.run conversation function located in the run...

5.3CVSS6AI score0.00277EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

FreeBSD : Gitlab -- vulnerabilities (ac9bab80-6618-11f1-8e04-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ac9bab80-6618-11f1-8e04-2cf05da270f3 advisory. Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE...

8.7CVSS5.9AI score0.0037EPSS
Exploits0References14
FreeBSD
FreeBSD
added 2026/06/11 12:0 a.m.11 views

Gitlab -- vulnerabilities

Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Denial of Service issue in Grape API JSON parsing middleware impacts GitLab CE/EE HTML injection issue in certain group setting fields...

8.7CVSS5.4AI score0.0037EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/10 3:35 p.m.4 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via improper handling of user-supplied input in the ParseTodos function. An attacker can inject arbitrary iCalendar properties by including CRLF characters in task titles or other fields, which are then concatenated into...

5.1CVSS5.9AI score0.00196EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/06 9:5 p.m.16 views

CVE-2026-35472 WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=EstoqueControle...

5.1CVSS0.00224EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/06 9:4 p.m.2 views

CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

5.1CVSS6AI score0.00228EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/06 9:4 p.m.19 views

CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

5.1CVSS0.00228EPSS
Exploits1References1
Fedora
Fedora
added 2026/01/31 5:14 p.m.8 views

[SECURITY] Fedora 42 Update: qownnotes-26.1.7-4.fc42

QOwnNotes is the open source notepad with Markdown support and todo list mana ger for GNU/Linux, macOS and Windows, that works together with Nextcloud Notes and ownCloud Notes. You are able to write down your thoughts with QOwnNotes and edit or search for them later from your mobile device, like...

8.6CVSS5.9AI score0.00285EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/01/16 7:48 p.m.4 views

CVE-2026-23730 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...

4.8CVSS6.4AI score0.00212EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/23 7:42 p.m.3 views

Malicious code in productivity-suite-todos-fragment (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/10/23 7:42 p.m.3 views

MAL-2025-48864 Malicious code in productivity-suite-todos-fragment (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-2468

Malware in sbrugna...

9.8CVSS9.2AI score0.02573EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1739

Malware in sbrugna...

7.5CVSS6.4AI score0.01283EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/11 12:0 a.m.2 views

PT-2024-24049 · Cybozu · Cybozu Garoon

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 5.0.0 through 5.15.2 Description: The issue allows a remote authenticated attacker to delete the data of Shared To-Dos due to an incorrect authorization vulnerability. Recommendations: For Cybozu Garoon versions 5.0.0...

4.3CVSS6.3AI score0.00305EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.22 views

GitLab 8.5 < 12.10.13 / 13.0 < 13.0.8 / 13.1 < 13.1.2 (CVE-2020-13323)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos CVE-2020-13323 Note that Nessus has not tested for this issue but...

7.7CVSS7.4AI score0.01102EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/05/13 6:19 a.m.5 views

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3167 Improper handling of data in Mail CWE-231 - CVE-2024-31397 CyVDB-3221 Improper restriction on the output of some API CWE-201 - CVE-2024-31398 CyVDB-3238 Excessive resource consumption in Mai...

9CVSS6.4AI score0.00504EPSS
Exploits0References13
Openbugbounty
Openbugbounty
added 2024/05/01 3:17 a.m.17 views

todos-los-antonimos.com Cross Site Scripting vulnerability OBB-3925198

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2024/03/06 11:22 a.m.19 views

BIT-GITLAB-2020-13323

A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos...

7.7CVSS7.1AI score0.01102EPSS
Exploits0References3
Rows per page
Query Builder