Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/07/02 12:22 p.m.7 views

CVE-2026-55153

A flaw was found in mchange-commons-java, a Java utility library. This vulnerability allows a remote attacker to achieve arbitrary code execution through Java Naming and Directory Interface JNDI injection. The library's JNDI ObjectFactory can construct objects of arbitrary classes and initialize...

7.5CVSS6.5AI score0.00327EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/11 2:53 p.m.7 views

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to incorrect state handling in nested execution paths involving the ICS20 precompile. An attacker can repeatedly utilize the same token balance within a single transaction by exploiting...

9.8CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.12 views

PT-2025-45102

Name of the Vulnerable Software and Affected Versions Doris MCP Server versions prior to 0.6.0 Description An attacker with a valid read-only account can bypass the Doris MCP Server’s read-only mode due to improper access control. This allows modifications that should have been prevented by...

5.4CVSS5.9AI score0.00336EPSS
Exploits0References14
OSV
OSV
added 2025/09/17 12:0 p.m.6 views

RUSTSEC-2025-0070 Pingora MadeYouReset HTTP/2 vulnerability

Pingora deployments using versions prior to 0.6.0 that include HTTP/2 server support may be affected by the vulnerability described in CVE-2025-8671. Under certain conditions, Pingora applications may allocate buffers before the HTTP/2 reset and resulting stream cancellation is processed by the...

7.5CVSS6.8AI score0.0351EPSS
Exploits3References5
Rows per page
Query Builder