Lucene search
K

10 matches found

vulnersOsv
vulnersOsv
added 2026/05/28 4:50 p.m.7 views

5mghost-rover (>=0.0.1 <=0.0.3), ace-framework (>=0.6.0 <=0.7.3) +98 more potentially affected by CVE-2026-48155 via pypdf (>=6.0.0 <=6.11.0)

pypdf PYPI version =6.0.0, =0.0.1, =0.6.0, =0.1.0, =0.0.2, =0.1.0, =0.0.24, =1.45.0, =0.1.2, =0.0.1.dev0, =0.0.1, =0.0.2, =0.0.5 - autopattern =0.2.0 and more Source cves: CVE-2026-48155 Source advisory: SNYK:PYTHON-PYPDF-17054919...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
OSV
OSV
added 2026/05/05 6:33 p.m.4 views

GHSA-5HRC-GVXJ-W55P Django Uses Cache Containing Sensitive Information

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

4.3CVSS5.7AI score0.00358EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.8 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.4.0) +6480 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.0.0 <=6.1.21)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.5.0, =cloud-0.1, =cloud-0.2.1 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...

5.9CVSS6AI score0.00385EPSS
Exploits1
OSV
OSV
added 2026/01/10 2:57 a.m.6 views

CVE-2026-22595 Ghost has Staff Token permission bypass

Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be accessible via Staff Session authentication. Externa...

8.1CVSS6.6AI score0.00494EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/10 2:57 a.m.18 views

CVE-2026-22595 Ghost has Staff Token permission bypass

Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be accessible via Staff Session authentication. Externa...

8.1CVSS0.00494EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/09 5:18 p.m.2 views

CVE-2025-64156

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7, FortiVoice 6.4 all versions, FortiVoice 6.0 all versions may allow an authenticated privileged attacker to execute...

7.2CVSS7.1AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.7 views

PT-2025-47362

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.0 through 7.6.3 FortiSASE version 25.3.b Description A stack-based buffer overflow exists in Fortinet FortiOS and FortiSASE. This issue may allow remote code execution by attackers. The vulnerability is triggered by...

7.5CVSS8.2AI score0.00302EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.7 views

Google Android 安全漏洞

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the System component of Google Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. An attacker can exploit this...

7.8CVSS7AI score0.00077EPSS
Exploits0References1
OSV
OSV
added 2018/10/17 1:31 a.m.4 views

CVE-2018-3122

Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications subcomponent: Integrations. Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise...

6.8CVSS7.3AI score0.01278EPSS
Exploits0References2
OSV
OSV
added 2017/09/14 7:29 p.m.4 views

CVE-2017-0783

A information disclosure vulnerability in the Android system bluetooth. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63145701...

6.5CVSS7.3AI score
Exploits0References3
Rows per page
Query Builder