Lucene search
+L

6 matches found

OSV
OSV
added 2026/01/13 7:2 p.m.7 views

GHSA-562R-8445-54R2 ComfyUI-Manager is Vulnerable to CRLF Injection in Configuration Handler

Impact Vulnerability Type: CRLF Injection via ConfigParser An attacker can inject special characters into HTTP query parameters to add arbitrary configuration values to the config.ini file. This can lead to security setting tampering or modification of application behavior. Affected Users: Users...

7.5CVSS7.1AI score0.00311EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/10 6:43 a.m.11 views

CVE-2026-22777 ComfyUI-Manager is Vulnerable to CRLF Injection in Configuration Handler

ComfyUI-Manager is an extension designed to enhance the usability of ComfyUI. Prior to versions 3.39.2 and 4.0.5, an attacker can inject special characters into HTTP query parameters to add arbitrary configuration values to the config.ini file. This can lead to security setting tampering or...

7.5CVSS6.6AI score0.00311EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:38 a.m.9 views

CVE-2017-12778

The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must change the...

7.1CVSS7AI score0.00478EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.5 views

Cisco IOS XE Software 操作系统命令注入漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A command injection vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from the affected software not properly validating values parsed from a specific...

8.5CVSS7.4AI score0.02262EPSS
Exploits0References5
CVE
CVE
added 2019/05/09 4:38 p.m.90 views

CVE-2017-12778

CVE-2017-12778 concerns qBittorrent 3.3.15 UI Lock. The issue is an Authentication Bypass where an attacker with local access can gain access to qBittorrent functions by tampering the config file: set the 'locked' flag to 'false' inside the 'Locking' stanza (path: C:\Users\Roaming\qBittorrent). T...

7.1CVSS7AI score0.00478EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/06/07 9:29 p.m.10 views

CVE-2018-0334

A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the TLS certificate check when downloading...

4.8CVSS5.8AI score0.00983EPSS
Exploits0References3
Rows per page
Query Builder