Lucene search
K

6 matches found

OSV
OSV
added 2026/06/30 11:51 p.m.8 views

BIT-SEAWEEDFS-2026-54917 SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access

SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...

10CVSS5.8AI score0.00766EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:41 p.m.14 views

CVE-2026-54917

SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...

7.8CVSS5.9AI score0.00345EPSS
Exploits1References3Affected Software1
GithubExploit
GithubExploit
added 2024/12/28 1:5 a.m.95 views

Exploit for CVE-2024-7954

RCECVE-2024-7954- The porteplume plugin used by SPIP before...

9.8CVSS8.6AI score0.89947EPSS
Exploits10
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.6 views

Cpanel::JSON::XS Security Vulnerability

Cpanel::JSON::XS is a tool for converting Perl data structures to JSON. A security vulnerability exists in the Cpanel::JSON::XS package prior to version 4.33 that could allow an attacker to obtain sensitive information or cause a denial of service DOS...

9.1CVSS6.5AI score0.00788EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.8 views

PT-2023-32753

Name of the Vulnerable Software and Affected Versions huggingface/transformers versions prior to 4.36.0 Description The issue is related to the deserialization of untrusted data in the huggingface/transformers GitHub repository. Recommendations For versions prior to 4.36.0, update to version 4.36...

9CVSS8.3AI score0.00921EPSS
Exploits1References13
OSV
OSV
added 2014/07/09 12:0 a.m.5 views

UBUNTU-CVE-2014-3480

The cdfcountchain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...

6.5CVSS7.2AI score0.11481EPSS
Exploits0References5
Rows per page
Query Builder