Lucene search
K

6 matches found

OSV
OSV
added 2026/05/11 6:31 p.m.5 views

GHSA-65H7-C7C4-MGHX MLflow Has a Server-Side Request Forgery (SSRF) Vulnerability

A Server-Side Request Forgery SSRF vulnerability exists in MLflow versions prior to 3.9.0. The createwebhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the sendwebhookrequest function in mlflow/webhooks/delivery.py sends HTTP POST request...

7.1CVSS6AI score0.00288EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53270

Name of the Vulnerable Software and Affected Versions Funnelforms versions prior to 3.9 Description An authorization issue exists in Funnelforms Free that allows exploitation of incorrectly configured access control security levels. Recommendations Update to version 3.9 or later...

8.8CVSS6.6AI score0.00219EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.4 views

PT-2024-24389 · Unknown · Gold Plugins

Name of the Vulnerable Software and Affected Versions: Gold Plugins Before And After versions n/a through 3.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

4.3CVSS6.5AI score0.00212EPSS
Exploits0References4
OSV
OSV
added 2023/04/07 7:15 p.m.8 views

CVE-2023-23762

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target branch before it’s created by the code...

5.3CVSS5.9AI score0.0064EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/12/23 12:0 a.m.3 views

Apple Remote Desktop 加密问题漏洞

Apple Remote Desktop is a remote desktop feature from Apple. A security vulnerability exists in Apple Remote Desktop versions prior to 3.9, which can be exploited by an attacker to capture plaintext passwords...

7.5CVSS7.4AI score0.00593EPSS
Exploits0References2
CNVD
CNVD
added 2020/06/22 12:0 a.m.1 views

Mattermost Server Trust Management Issues Vulnerability (CNVD-2020-35447)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 3.9.0 that stems from encryption and signature verification not being mandatory. No details of the vulnerability are provided a...

7.5CVSS6.8AI score0.00656EPSS
Exploits0References1
Rows per page
Query Builder