Lucene search
+L

11 matches found

RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.13 views

CVE-2026-24231

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...

6.3CVSS5.3AI score0.00129EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3236

Malicious code in bioql PyPI...

4CVSS6.3AI score0.02109EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-3031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15....

7.5CVSS7.1AI score0.00505EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.4 views

Symbolicator Code Issue Vulnerability

Symbolicator is a symbol service for native stack traces and small dumps with symbol server support. A code issue vulnerability exists in Symbolicator versions 0.3.3 through 23.11.2, which stems from the fact that an attacker can use a specially crafted HTTP endpoint to allow Symbolicator to send...

4.3CVSS7.1AI score0.00705EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.9 views

PT-2023-31052 · Unknown · Symbolicator

Name of the Vulnerable Software and Affected Versions: Symbolicator versions prior to 23.11.2 Description: The issue allows an attacker to make Symbolicator send arbitrary GET HTTP requests to internal IP addresses by using a specially crafted HTTP endpoint. The response could be reflected to the...

4.3CVSS4.5AI score0.00705EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:6 a.m.12 views

SUSE CVE-2016-2184

The createfixedstreamquirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference or double free, and system crash via a crafted endpoints value in a USB device...

4.6CVSS7.5AI score0.01946EPSS
Exploits2References14
OSV
OSV
added 2016/05/02 12:0 a.m.6 views

UBUNTU-CVE-2016-2186

The powermateprobe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a crafted endpoints value in a USB device descriptor...

4.6CVSS6.6AI score0.00796EPSS
Exploits2References17
OSV
OSV
added 2016/04/27 12:0 a.m.3 views

UBUNTU-CVE-2016-2184

The createfixedstreamquirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference or double free, and system crash via a crafted endpoints value in a USB device...

4.6CVSS6.6AI score0.01946EPSS
Exploits2References15
UbuntuCve
UbuntuCve
added 2015/10/21 6:59 p.m.28 views

CVE-2015-4717

The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $GET parameters cast by PHP to an array, which allows remote attackers to cause a denial of service infinite loop and log file consumption via crafted endpoint...

7.8CVSS5.9AI score0.02832EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2014/10/02 12:0 a.m.3 views

PT-2014-5425

Name of the Vulnerable Software and Affected Versions OpenStack Identity Keystone versions prior to 2013.2.3 OpenStack Identity Keystone versions 2014.1 prior to 2014.1.2.1 Description The issue allows remote authenticated users to read sensitive configuration options via a crafted endpoint. This...

4CVSS6AI score0.02109EPSS
Exploits1References27
UbuntuCve
UbuntuCve
added 2014/10/02 12:0 a.m.28 views

CVE-2014-3621

The catalog url replacement in OpenStack Identity Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$admintoken" in the publicurl endpoint field...

4CVSS5.9AI score0.02109EPSS
Exploits1References3
Rows per page
Query Builder