6 matches found

Snyk
added 2026/01/19 7:49 p.m., 6 views

Improper Resource Locking

Overview: pterodactyl/panel is a game management panel. Affected versions of this package are vulnerable to Improper Resource Locking due to the validation occurring early in the request cycle and not locking the target resource while it is processing. An attacker can exhaust system resources and...

CVSS 6.5, AI score 5.6, EPSS 0.00212
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2024-54889

Malicious code in bioql PyPI...

CVSS 6.3, AI score 6.3, EPSS 0.00359
Exploits: 0, References: 3
Snyk
added 2025/09/10 8:43 p.m., 2 views

Improper Authentication

Overview: Affected versions of this package are vulnerable to Improper Authentication via the WebSocket endpoint /api/v2/ws/logs, which is not protected by the authentication middleware even when authentication is enabled. An attacker can access real-time application logs, including internal file...

CVSS 8.8, AI score 6.7, EPSS 0.00663
Exploits: 1, References: 2
Positive Technologies
added 2022/11/24 12:0 a.m., 3 views

PT-2022-25647 · Pilz · Pasvisu Server

Name of the Vulnerable Software and Affected Versions: Pilz PASvisu Server versions prior to 1.12.0
Description: A path traversal vulnerability was discovered, allowing an unauthenticated remote attacker to use a zipped, malicious configuration file to trigger arbitrary file writes, also known as...

CVSS 7.5, AI score 7.6, EPSS 0.00859
Exploits: 0, References: 5
Debian CVE
added 2022/09/14 7:50 p.m., 4 views

CVE-2022-36056

Cosign is a project under the sigstore organization which aims to make signatures invisible infrastructure. In versions prior to 1.12.0 a number of vulnerabilities have been found in cosign verify-blob, where Cosign would successfully verify an artifact when verification should have failed. First...

CVSS 5.5, AI score 5.8, EPSS 0.00145
Exploits: 1
OSV
added 2021/01/06 8:1 p.m., 3 views

GHSA-395W-QHQR-9FR6: Path Traversal in Apache Flink

A change introduced in Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users shou...

CVSS 7.5, AI score 5.9, EPSS 0.97856
Exploits: 14, References: 33