Lucene search
+L

29 matches found

github
github
added 2026/05/14 2:52 p.m.16 views

FlowiseAI has Mass Assignment in Tool Update Endpoint that Allows Cross-Workspace Resource Reassignment

Summary A Mass Assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating a tool resource. Due to missing server-side validation and...

7.6CVSS5.9AI score0.00195EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2026/05/14 12:0 a.m.23 views

PT-2026-40976

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the tool update endpoint. This occurs when the server does not restrict which properties a client can modify, allowing user-controlled request bodies to include fiel...

7.6CVSS5.6AI score0.00195EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2026/05/14 12:0 a.m.23 views

PT-2026-41190

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description A missing authorization check in the tool update endpoint "POST /api/v1/tools/id/id/update" allows users to bypass the workspace.tools security boundary. While the tool creation endpoint correctly...

7.2CVSS6.3AI score0.00437EPSS
Exploits1References7
redhat
redhat
added 2026/04/15 3:31 p.m.51 views

Critical: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References3
osv
osv
added 2025/11/13 3:23 a.m.5 views

MAL-2025-186442 Malicious code in cygnus-tool-update-xenos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6dda9b734db336089ca3b7e1b189859e059a4a50e2263aa85436870537b513 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2024/08/30 11:9 a.m.5 views

OESA-2024-2082 tpm2-tools security update

The package contains the code for the TPM Trusted Platform Module 2.0 tools based on tpm2-tss. Security Fixes: tpm2-tools is the source repository for the Trusted Platform Module TPM2.0 tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This...

9CVSS7.1AI score0.00984EPSS
Exploits2References3
kitploit
kitploit
added 2020/04/14 10:0 p.m.153 views

Htbenum - A Linux Enumeration Script For Hack The Box

This script is designed for use in situations where you do not have internet access on a Linux host and would like to run enumeration and exploit suggestion scripts, such as Hack The Box. I find myself running a similar set of scripts when I get an initial foothold on a Linux box, and this script...

7.3AI score
Exploits0References8
pentestit
pentestit
added 2018/11/28 11:4 p.m.83 views

TOOL UPDATE: Cameradar v2.1.0

PenTestIT RSS Feed My initial post covering this open source Real Time Streaming Protocol RTSP surveillance camera access multi-tool was about an older version - Cameradar v2.0.0. A lot has happened since then and an update – Cameradar v2.1.0 was made available by the author. This version comes...

1.7AI score
Exploits0
msupdate
msupdate
added 1970/01/01 3:0 a.m.29 views

Windows Malicious Software Removal Tool x64 - v5.125 (KB890830)

After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software including Blaster, Sasser, and Mydoom and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you sta...

7.1AI score
Exploits0
Rows per page
Query Builder