Lucene search
K

12 matches found

OSV
OSV
added 2026/06/04 5:43 p.m.7 views

GHSA-64CJ-QVX5-M4F3 Nhost CLI local configserver allows cross-origin unauthenticated read/write access to local development configuration and secrets

Summary The hidden nhost configserver used by nhost dev exposes the Mimir GraphQL API with dummy authorization directives and permissive CORS. When a developer is running the local development environment, any process that can reach the developer's localhost service, including a web page loaded...

5.4CVSS5.9AI score0.00033EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46881

Name of the Vulnerable Software and Affected Versions Nhost CLI affected versions not specified Description The hidden configserver used by nhost dev exposes the Mimir GraphQL API with permissive CORS and dummy authorization directives. This allows any process capable of reaching the developer's...

5.4CVSS6AI score0.00033EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.22 views

PT-2026-46848

Summary The hidden nhost configserver used by nhost dev exposes the Mimir GraphQL API with dummy authorization directives and permissive CORS. When a developer is running the local development environment, any process that can reach the developer's localhost service, including a web page loaded...

5.4CVSS5.9AI score
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/05/07 6:31 a.m.7 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +2 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40982 Source advisory: OSV:GHSA-6G23-24MC-HX6X...

9.1CVSS5.8AI score0.00727EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.11 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40982 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439043...

9.1CVSS5.8AI score0.00727EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-4938

Malware in sbrugna...

4.4CVSS6.4AI score0.00744EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2013/02/21 6:53 p.m.4 views

Configserver: Passwords from application blueprint stored plaintext in configserver.log

Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for /var/log/aeolus-configserver/configserver.log, which allows local users to read plaintext passwords by reading the log file...

2.1CVSS5.8AI score0.00474EPSS
Exploits1References4
NVD
NVD
added 2011/12/29 10:55 p.m.27 views

CVE-2011-5033

Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall CSF before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service crash via a long string in an admin.list file...

4.4CVSS6.6AI score0.00744EPSS
Exploits1References4
Prion
Prion
added 2011/12/29 10:55 p.m.19 views

Stack overflow

Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall CSF before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service crash via a long string in an admin.list file...

4.4CVSS7.2AI score0.00744EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2011/12/29 10:0 p.m.46 views

CVE-2011-5033

ConfigServer Security & Firewall (CSF) contains a stack-based buffer overflow in CFS.c affecting CSF before 5.43 when run on a DirectAdmin server. Local users can crash the service by supplying a long string in the admin.list file, per CVE-2011-5033. The vulnerability details are supported by mul...

4.4CVSS6.8AI score0.00744EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2011/12/09 12:0 a.m.17 views

CSF Firewall - Buffer Overflow (PoC)

CSF Firewall - Buffer Overflow PoC / Exploit Title: CSF Firewall Buffer overflow p0c DownLoaD : http://www.configserver.com/free/csf.tgz Date: 2011-12-09 Author: FoX HaCkEr site : www.sec4ever.com MaiL : [email protected] Tested on: CentOS3/4...

1AI score
Exploits0
0day.today
0day.today
added 2011/12/09 12:0 a.m.18 views

CSF Firewall Buffer Overflow

Exploit for linux platform in category dos / poc Exploit Title: CSF Firewall Buffer overflow p0c DownLoaD : http://www.configserver.com/free/csf.tgz Date: 2011-12-09 Author: FoX HaCkEr site : www.sec4ever.com MaiL : email protected Tested on: CentOS3/4...

7AI score
Exploits0
Rows per page
Query Builder