Lucene search
K

9 matches found

NVD
NVD
added 2026/02/19 5:24 p.m.9 views

CVE-2026-26016

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.1, a missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance,...

9.2CVSS0.00316EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 3:55 p.m.21 views

CVE-2026-26016 Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.1, a missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance,...

9.2CVSS0.00316EPSS
Exploits0References2
OSV
OSV
added 2026/02/19 3:55 p.m.6 views

CVE-2026-26016 Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.1, a missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance,...

9.2CVSS5.7AI score0.00316EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/13 12:31 p.m.9 views

Apache Avro Java SDK is Vulnerable to Code Injection

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrade to version 1.12.1 o...

7.3CVSS5.5AI score0.00602EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/02/13 11:47 a.m.26 views

CVE-2025-33042 Apache Avro Java SDK: Code injection on Java generated code

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. Users are recommended to upgrade to version 1.12.1 o...

0.00602EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.9 views

PT-2026-7986

Name of the Vulnerable Software and Affected Versions Apache Avro Java SDK versions through 1.11.4 and version 1.12.0 Description An Improper Control of Generation of Code 'Code Injection' issue exists in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. The flaw...

7.3CVSS5.8AI score0.00602EPSS
Exploits0References23
OSV
OSV
added 2026/01/15 5:57 p.m.2 views

SUSE-SU-2026:20089-1 Security update for alloy

This update for alloy fixes the following issues: Upgrade to version 1.12.1. Security issues fixed: - CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents bsc1251509. - CVE-2025-58190: golang.org/x/net/html: excessive memory consumption...

7.5CVSS6.3AI score0.00591EPSS
Exploits2References7
OSV
OSV
added 2023/01/05 12:30 p.m.5 views

GHSA-G4R8-28FP-F255 aXMLRPC XML External Entity vulnerability

A vulnerability classified as problematic was found in gturri aXMLRPC up to 1.12.0. This vulnerability affects the function ResponseParser of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference. Upgrading to version 1.12.1 is able...

9.8CVSS5.1AI score0.00845EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.7 views

PT-2023-11811 · Gturri · Xmlrpc

Name of the Vulnerable Software and Affected Versions: gturri aXMLRPC versions up to 1.12.0 Description: A vulnerability was found in the ResponseParser function of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference...

9.8CVSS5.8AI score0.00845EPSS
Exploits0References21
Rows per page
Query Builder