
8 matches found

Positive Technologies
added 2026/06/11 12:00 a.m., 14 views

PT-2026-48808

Summary Several Kolibri API endpoints accept an unvalidated baseurl parameter and fetch attacker-controlled URLs from the Kolibri server, reflecting the response body back to the caller. The original report identified two endpoints on the RemoteFacilityUser viewsets; remediation review found two...

CVSS 5.8, AI score 5.8, EPSS 0.00047
Exploits: 0, References: 4
CNNVD
added 2026/04/06 12:00 a.m., 7 views

Distribution security vulnerability

Distribution is an open-source toolset developed by Distribution, used for packaging, transporting, storing, and delivering content. Versions of Distribution prior to 3.1.0 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated domain URLs under the pull cache mode,...

CVSS 7.5, AI score 5.8, EPSS 0.00274
Exploits: 1, References: 2
Microsoft CVE
added 2026/01/10 9:04 a.m., 5 views

Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-controlled urls

...

CVSS 8.8, AI score 5.4, EPSS 0.00291
Exploits: 0
Cvelist
added 2026/01/09 7:57 a.m., 24 views

CVE-2025-69195 Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-controlled urls

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...

CVSS 7.6, EPSS 0.00291
Exploits: 0, References: 2
Vulnrichment
added 2025/12/09 2:15 a.m., 3 views

CVE-2025-42896 Server-Side Request Forgery (SSRF) in SAP BusinessObjects Business Intelligence Platform

SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that controls the login page error message. This can cause the server to fetch attacker-supplied URLs, resulting in low impact to confidentiality and integrit...

CVSS 5.4, AI score 6.6, EPSS 0.0026
Exploits: 0, References: 2
SUSE CVE
added 2023/02/15 4:13 a.m., 4 views

SUSE CVE-2019-10638

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols, e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...

CVSS 5.3, AI score 7.1, EPSS 0.02571
Exploits: 0, References: 17
OSV
added 2020/10/16 11:15 p.m., 4 views

CVE-2020-16969

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include...

CVSS 7.1, AI score 7.1, EPSS 0.02528
Exploits: 0, References: 1
Tenable Nessus
added 2008/05/29 12:00 a.m., 39 views

Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)

This update fixes the way that libpng10 handles unknown zero-length chunks, which in previous versions could result in writing to attacker-controlled addresses, depending on how the libpng API is used. To be affected, an application would have to call png_set_keep_unknown_chunks, which tells libpng n...

CVSS 7.5, AI score 8.1, EPSS 0.05514
Exploits: 1, References: 3