Lucene search
K

10 matches found

EUVD
EUVD
added 2026/06/17 6:11 p.m.15 views

EUVD-2026-36728

Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads...

7.5CVSS5.2AI score0.00278EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 1:56 p.m.278 views

CVE-2026-5079

The CVE-2026-5079 issue affects the Multer library (versions 1.0.0–2.1.1 and 3.0.0-alpha.1). The vulnerability arises from the append-field dependency parsing bracket notation in field names with no limit on nesting depth, which can cause the allocation of deeply nested object structures and cons...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/18 2:15 a.m.10 views

CVE-2026-8783

A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...

5.3CVSS5.4AI score0.00398EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/18 2:0 a.m.9 views

CVE-2026-8782

A weakness has been identified in omec-project amf up to 2.1.3-dev. This affects an unknown function of the file ngap/handler.go of the component NGAP Message Handler. This manipulation causes null pointer dereference. Remote exploitation of the attack is possible. The exploit has been made...

5.3CVSS5.3AI score0.00303EPSS
Exploits0References7
OSV
OSV
added 2025/05/28 9:31 a.m.4 views

GHSA-98V7-XXXV-HCRH Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the security mechanisms of InLong JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong's...

8.7CVSS7.4AI score0.00576EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/05/28 8:15 a.m.3 views

CVE-2025-27522

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick 1 to solve it. 1...

9.8CVSS5.9AI score0.0113EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/28 8:6 a.m.3 views

CVE-2025-27522 Apache InLong: JDBC Vulnerability during verification processing

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick 1 to solve it. 1...

6.5CVSS6.6AI score0.00704EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.5 views

PT-2024-24087

Name of the Vulnerable Software and Affected Versions PsiTransfer versions prior to 2.2.0 Description The issue arises from the absence of restrictions on the "POST /files" endpoint, which allows users to create a path for uploading a file in a file distribution. This enables an attacker to add...

6.5CVSS6.8AI score0.00524EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/05/22 12:0 a.m.15 views

PT-2023-21647 · Unilogies · Bumsys

Name of the Vulnerable Software and Affected Versions: unilogies/bumsys versions prior to 2.2.0 Description: The issue is related to SQL Injection in the GitHub repository unilogies/bumsys. Recommendations: For versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue...

7.2CVSS7.2AI score0.00891EPSS
Exploits1References6
OSV
OSV
added 2023/01/06 12:31 p.m.13 views

GHSA-8PH8-9Q2J-C3RQ nodebatis SQL Injection vulnerability

A vulnerability was found in PeterMu nodebatis up to 2.1.x. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. Upgrading to version 2.2.0 can address this issue. The name of the patch is 6629ff5b7e3d62ad8319007a54589ec1f62c7c35. It is...

9.8CVSS9.9AI score0.00681EPSS
Exploits0References6
Rows per page
Query Builder