18661 matches found
The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...
PraisonAI AgentOS - Information Disclosure
PraisonAI's AgentOS FastAPI application server exposes an unauthenticated GET /api/agents endpoint that lists every registered agent's name, role and the opening of its instructions system prompt. No authentication is enforced on the route, allowing a remote attacker to enumerate agent...
Piwigo 13.7.0 - SQL Injection
Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vulnerability in the login of the administrator screen. The SQL statement that acquires the HTTP Header User-Agent is vulnerable at the endpoint that records user information when logging in to the...
Jolokia Agent - JNDI Code Injection
Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary Java code on the server when the agent is in proxy mode. id: CVE-2018-1000130 info: name: Jolokia Agent - JNDI Code Injection author: milo2012 severity: high description: | Jolokia agent i...
EUVD-2026-45308
IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint /api/v1/buildpublictmp/flowid/flow . The vulnerability stems from an incomplete denylist in the validatepublicflownocodeexecution function that fails...
CVE-2026-50197 Skipper: opaAuthorizeRequestWithBody filter bypasses OPA policy on Transfer-Encoding: chunked / HTTP/2 requests
Skipper is an HTTP router and reverse proxy for service composition. Prior to 0.26.10, zalando/skipper's OpenPolicyAgent integration silently bypasses request-body inspection on HTTP/1.1 Transfer-Encoding: chunked and HTTP/2 requests that omit the content-length pseudo-header, because the...
Skipper: Unbounded Request Body Read in Admission Webhook Causes Memory Exhaustion DoS
Summary The Kubernetes admission webhook handler reads the entire request body using io.ReadAllr.Body without any size limit. Any client that can reach the webhook port within the cluster can send a multi-GB payload, causing the skipper process to exhaust memory and be OOM-killed. This disrupts a...
CVE-2025-60357
AhnLab EPP Management v1.0.14.32-6249 was discovered to contain a NoSQL injection vulnerability via the eventlog/agentEvent/list endpoint...
CVE-2026-53713 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
CVE-2026-53719 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
GHSA-8FV2-88GG-HM7Q vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
CVE-2026-53717 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
GHSA-22XC-XG2R-9J7V vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
CVE-2026-53714 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
CVE-2026-53715 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
CVE-2026-53718 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
CVE-2026-53716 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
GHSA-M2V6-2JMH-4C68 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
GHSA-CXPQ-8V7Q-CG56 vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...
GHSA-WCRF-9VRR-854F vulnerabilities
Vulnerabilities for packages: gitlab-operator, tigera-operator-fips, tigera-operator, datadog-agent-fips, datadog-agent, gitlab-operator-fips...