Lucene search
K

4 matches found

OSV
OSV
added 2026/04/13 12:31 p.m.2 views

GHSA-RP7W-624X-95QV Duplicate Advisory: LibreNMS affected by an authenticated Cross-site Scripting vulnerability on the showconfig page

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5gm9-622f-qcg5. This link is maintained to preserve external references. Original Description LibreNMS versions before 26.3.0 are affected by an authenticated Cross-site Scripting vulnerability on the showconfig...

4.8CVSS5.8AI score0.00225EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/13 12:31 p.m.12 views

Duplicate Advisory: LibreNMS affected by an authenticated Cross-site Scripting vulnerability on the showconfig page

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5gm9-622f-qcg5. This link is maintained to preserve external references. Original Description LibreNMS versions before 26.3.0 are affected by an authenticated Cross-site Scripting vulnerability on the showconfig...

4.8CVSS5.8AI score0.00225EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.5 views

CVE-2026-3089

Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments ../ can escape the intended directory and write files outside...

5.3CVSS5.8AI score0.00377EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.7 views

PT-2026-24064

Name of the Vulnerable Software and Affected Versions Actual Sync Server versions prior to 26.3.0 Description Actual Sync Server allows authenticated users to upload files through the ''/sync/upload-user-file'' API endpoint. In versions prior to 26.3.0, insufficient validation of the...

6.5CVSS5.8AI score0.00377EPSS
Exploits1References14
Rows per page
Query Builder