Lucene search
K

7 matches found

CVE
CVE
added 2026/04/14 12:8 a.m.20 views

CVE-2026-39418

CVE-2026-39418 MaxKB is affected in versions ≤ 2.7.1 where the sandbox’s network protection can be bypassed. An authenticated user with tool-editing permissions can reach internal services blocked by the sandbox by using socket.sendto() with the MSG_FASTOPEN flag. MaxKB’s sandbox relies on LD_PRE...

7.4CVSS5.7AI score0.00198EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.15 views

PT-2026-2804

Name of the Vulnerable Software and Affected Versions GuardDog versions prior to 2.7.1 Description GuardDog, a CLI tool for identifying malicious PyPI packages, contains a flaw in its safe extract function. This function does not validate the size of decompressed files when handling ZIP archives,...

7.5CVSS6.5AI score0.00431EPSS
Exploits1References13
OSV
OSV
added 2025/11/05 6:41 p.m.6 views

GO-2025-4085 Zitadel allows brute-forcing authentication factors in github.com/zitadel/zitadel

Zitadel allows brute-forcing authentication factors in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...

9.8CVSS7AI score0.00353EPSS
Exploits0References3
OSV
OSV
added 2023/11/07 12:15 p.m.6 views

CVE-2023-5577

The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbitly' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

5.4CVSS7AI score0.00521EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.6 views

SUSE CVE-2022-23578

Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize. Here, we set item-kernel to nullptr but it is a simple OpKernel pointer so the memory that was previously allocated to it...

4.3CVSS4.7AI score0.00716EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/02 12:0 a.m.5 views

WordPress plugin JS Help Desk 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...

9.1CVSS5.3AI score0.00703EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/24 12:0 a.m.5 views

Lfi-ProcessWire Cms 路径遍历漏洞

Ryan Cramer Design Lfi-ProcessWire Cms is a free Content Management System Cms and Framework Cmf from Ryan Cramer Design USA designed to save you time and work the way you want. A path traversal vulnerability exists in Ryan Cramer Design Lfi-ProcessWire Cms versions prior to 2.7.1, which stems fr...

7.8CVSS7.3AI score0.15737EPSS
Exploits1References2
Rows per page
Query Builder