12 matches found

CBLMariner
added 2026/05/14 11:27 p.m. · 10 views

CVE-2025-48431 affecting package thrift for versions less than 0.15.0-6

CVE-2025-48431 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...

7.5 CVSS · 5.8 AI score · 0.01051 EPSS
Exploits 0

OSV
added 2025/10/09 8:53 p.m. · 5 views

CVE-2025-61779 Trustee's attestation-policy endpoint is not protected by admin authentication

Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated (had the right key)...

8.7 CVSS · 6.7 AI score · 0.00321 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2025/08/31 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-55291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. This allow...

7.1 CVSS · 5.5 AI score · 0.00216 EPSS
Exploits 0 · References 2

Cvelist
added 2025/08/18 5:6 p.m. · 12 views

CVE-2025-55291 Shaarli allows reflected XSS via searchtags parameter

Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. This allows the tag to be prematurely closed, leading to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability is fixed in 0.15.0...

7.1 CVSS · 0.00216 EPSS
Exploits 0 · References 2

Positive Technologies
added 2025/08/18 12:0 a.m. · 8 views

PT-2025-33676

Name of the Vulnerable Software and Affected Versions: Shaarli versions prior to 0.15.0
Description: Shaarli is a minimalist bookmark manager and link sharing service. Input strings in the cloud tag page are not properly sanitized, allowing premature closure of the tag. This results in a reflecte...

7.1 CVSS · 5.4 AI score · 0.00216 EPSS
Exploits 0 · References 17

Tenable Nessus
added 2025/08/18 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-24994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow in the parsetag function in libass/assparse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code executi...

8.8 CVSS · 7.8 AI score · 0.02628 EPSS
Exploits 0 · References 2

CNNVD
added 2025/08/13 12:0 a.m. · 3 views

External Secrets Access Control Error Vulnerability

External Secrets is a Kubernetes-related application from External Secrets open source. An access control error vulnerability exists in External Secrets versions prior to 0.15.0 through 0.19.2 that stems from the PushSecret controller not applying a namespace selector, which could lead to the...

7.1 CVSS · 6.2 AI score · 0.00324 EPSS
Exploits 0 · References 5

CNNVD
added 2024/02/05 12:0 a.m. · 6 views

HashiCorp Boundary Security Vulnerability

HashiCorp Boundary is an open source solution from the US-based HashiCorp Inc. It automates secure identity-based user access to hosts and services across environments. A security vulnerability exists in HashiCorp Boundary and Boundary Enterprise versions prior to 0.15.0 that stems from...

8 CVSS · 6.8 AI score · 0.00294 EPSS
Exploits 0 · References 2

PyPA
added 2024/01/11 3:15 a.m. · 6 views

PYSEC-2024-6

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

2.8 CVSS · 6.7 AI score · 0.0041 EPSS
Exploits 1 · References 15 · Affected Software 1

PyPA
added 2024/01/11 3:15 a.m. · 9 views

PYSEC-2024-5

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions matching the pattern 0.x.0...

2.8 CVSS · 6.7 AI score · 0.0041 EPSS
Exploits 1 · References 15 · Affected Software 1

CNNVD
added 2022/08/10 12:0 a.m. · 4 views

Spice Security Vulnerability

Spice is an adaptive telepresence open source protocol used by enterprise virtualized desktop editions. The product is primarily used to connect users to their virtual desktops and is capable of delivering the exact same end-user experience as a physical desktop. A security vulnerability exists i...

5.9 AI score
Exploits 0 · References 1

Positive Technologies
added 2019/07/17 12:0 a.m. · 6 views

PT-2019-12490 · Eclipse +2 · Eclipse Openj9 +2

Name of the Vulnerable Software and Affected Versions: Eclipse OpenJ9 versions prior to 0.15.0
Description: The issue concerns AIX builds of Eclipse OpenJ9, where unused RPATHs may facilitate code injection and privilege elevation by local users. This could allow a local attacker to gain elevated...

9.8 CVSS · 7.9 AI score · 0.09393 EPSS
Exploits 4 · References 56