Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/04/25 3:15 p.m.40 views

CVE-2026-6983 pagekit download server-side request forgery

A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit i...

5.8CVSS0.00273EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/02/28 2:15 p.m.6 views

CVE-2022-24685

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6...

7.5CVSS7.1AI score0.01524EPSS
Exploits0References5
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2022/02/11 1:12 a.m.5 views

Nomad alloc Filesystem and Container Escape

Summary Nomad and Nomad Enterprise “Nomad” allows operators with read-fs and alloc-exec or job-submit capabilities to read arbitrary files on the host filesystem as root through the Nomad client agent. This vulnerability, CVE-2022-24683, was fixed in Nomad 1.0.18, 1.1.12, and 1.2.6. Background...

7.8CVSS6.9AI score0.01539EPSS
Exploits0Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2022/02/11 1:9 a.m.6 views

Nomad Artifact Download Race Condition

Summary Nomad and Nomad Enterprise “Nomad” artifact download functionality had a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. This vulnerability, CVE-2022-24686, was fixed in Nomad 1.0.18, 1.1.12, and 1.2.6. Background Nomad uses th...

5.9CVSS6.3AI score0.00863EPSS
Exploits0Affected Software1
Rows per page
Query Builder