Lucene search
K

5 matches found

Snyk
Snyk
added 2026/05/06 11:16 p.m.5 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the lack of exposure of the HMAC-SHA256 signing key in the SDK's typed API, which prevents verification of the X-AxonFlow-Signature header on incoming webhook deliveries. An attack...

8.2CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.13 views

PT-2026-36882

Name of the Vulnerable Software and Affected Versions OpenC3 COSMOS versions prior to 7.0.0-rc3 Description The Script Runner widget allows users to execute Python and Ruby scripts directly from the 'openc3-COSMOS-script-runner-api' container. Since all Docker containers share a network, users ca...

9.6CVSS5.9AI score0.00341EPSS
Exploits1References14
Snyk
Snyk
added 2026/03/24 10:15 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Allocation of Resources Without...

7.1CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/22 12:0 a.m.6 views

PT-2023-1582 · Openemr · Openemr

Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.0 Description: The issue is related to a Path Traversal vulnerability in the setup.php file of OpenEMR. This vulnerability allows remote unauthenticated users to read arbitrary files by controlling a connection t...

7.8CVSS7.5AI score0.01892EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2018/02/09 12:0 a.m.7 views

PT-2018-5273 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr versions prior to 7.0.0 Description: The issue is a Cross Site Scripting XSS vulnerability in Product details, which can result in the execution of javascript code. Recommendations: For versions prior to 7.0.0, update to version 7.0....

5.4CVSS5.2AI score0.00921EPSS
Exploits1References9
Rows per page
Query Builder