102 matches found
CVE-2026-46484
Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...
EUVD-2026-35193
Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...
CVE-2026-46484 Headplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/user
Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...
CVE-2026-46484
Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...
1g6table (=0.1.0), 7qb (=0.0.17) +1363 more potentially affected by unknown CVE via @antv/matrix-util (>=3.0.4 <=3.1.0-beta.3)
@antv/matrix-util NPM version =3.0.4, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =0.9.1, =1.0.0, =0.2.0, =1.1.15, =1.0.4, =2.1.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVMATRIXUTIL-16754473...
SUSE CVE-2026-35392
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35471
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, tdeleteFile missing return after path traversal check. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35471 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, tdeleteFile missing return after path traversal check. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35393
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory not sanitized. This vulnerability is fixed in 2.0.0-beta.3...
CVE-2026-35392
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3...
goshs 路径遍历漏洞
Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs prior to 2.0.0-beta.3 contained a path traversal vulnerability. This vulnerability stemmed from the lack of cleaning up POST multipart upload directories, which could lead to path traversal attacks...
Missing Authentication for Critical Function
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the PUT /signalk/v1/api/sourcePriorities endpoint, which lacks authentication and directly assigns user input to...
CVE-2026-33036
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references &NNN;, &xHH; and standard XML entities completely evade the entity expansion limits e.g.,...
CVE-2023-43797
BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby...
EUVD-2008-2849
Malware in sbrugna...
EUVD-2008-2848
Malware in sbrugna...
EUVD-2005-1142
Malware in sbrugna...
EUVD-1999-1250
Malware in sbrugna...
EUVD-2018-1911
Malware in sbrugna...
EUVD-2006-5064
Malware in sbrugna...