Lucene search
K

4 matches found

OSV
OSV
added 2026/03/23 6:14 p.m.4 views

GO-2026-4766 SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home (GHSA-h5vh-m7fg-w5h6 Bypass) in github.com/siyuan-note/siyuan/kernel

SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home GHSA-h5vh-m7fg-w5h6 Bypass in github.com/siyuan-note/siyuan/kernel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module...

6.8CVSS5.8AI score0.00489EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

SiYuan 访问控制错误漏洞

SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan prior to 3.6.2 contained an access control vulnerability. This vulnerability stemmed from the WebSocket server accepting unauthenticated connections, and no type checking was performed...

7.5CVSS6.4AI score0.00497EPSS
Exploits1References1
OSV
OSV
added 2020/02/06 3:15 a.m.6 views

CVE-2019-20104

The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before 3.7.1 allows remote attackers to perform a Denial of Service attack via an XML Entity Expansion vulnerability...

7.5CVSS7.2AI score0.02434EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2011/01/13 12:0 a.m.3 views

PT-2011-1615 · Eclipse +1 · Eclipse Ide +1

Name of the Vulnerable Software and Affected Versions: Eclipse IDE versions prior to 3.6.2 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the Help Contents web application of the Eclipse IDE. These vulnerabilities allow remote attackers to inject arbitrary we...

4.3CVSS5.4AI score0.05219EPSS
Exploits1References15
Rows per page
Query Builder