Lucene search
K

1566 matches found

Snyk
Snyk
added 2026/05/29 3:40 p.m.10 views

Symlink Attack

Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Symlink Attack via the SshKeys::generateFiles process. An attacker can gain unauthorized root-level SSH access by creating a symbolic link from the customer-controlled...

8.8CVSS5.8AI score0.00366EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44907

Name of the Vulnerable Software and Affected Versions Froxlor version 2.3.6 Description A symlink-following flaw exists in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to /.ssh/authorized keys within a customer-controlled home...

8.8CVSS5.9AI score0.00366EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.21 views

PT-2026-44938

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.26.6 Description Dokploy is a self-hostable Platform as a Service PaaS containing a path traversal issue. This allows authenticated users to write arbitrary files to the filesystem during application deployment. Whe...

9.9CVSS6.5AI score0.0066EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 10:50 p.m.21 views

GHSA-2GV2-CFFP-J227 Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs

Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...

9.3CVSS6AI score0.00067EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/27 10:50 p.m.16 views

Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs

Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...

6AI score0.00067EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.12 views

CVE-2026-48593

Uncontrolled Resource Consumption vulnerability in oban-bg obanweb 'Elixir.Oban.Web.CronExpr' modules allows memory exhaustion via unbounded cron range expansion. An attacker with access to schedule cron jobs can submit a malicious cron expression such as "0 0 1-100000000 ". When a user with...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.12 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

6.2AI score0.00384EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 9:16 p.m.15 views

CVE-2026-48593

Uncontrolled Resource Consumption vulnerability in oban-bg obanweb 'Elixir.Oban.Web.CronExpr' modules allows memory exhaustion via unbounded cron range expansion. An attacker with access to schedule cron jobs can submit a malicious cron expression such as "0 0 1-100000000 ". When a user with...

5.9CVSS0.00341EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/26 7:46 p.m.37 views

CVE-2026-48593 Unbounded range expansion in cron describe causes memory exhaustion in oban_web

Uncontrolled Resource Consumption vulnerability in oban-bg obanweb 'Elixir.Oban.Web.CronExpr' modules allows memory exhaustion via unbounded cron range expansion. An attacker with access to schedule cron jobs can submit a malicious cron expression such as "0 0 1-100000000 ". When a user with...

5.9CVSS0.00341EPSS
Exploits0References4
CVE
CVE
added 2026/05/26 7:46 p.m.23 views

CVE-2026-48593

CVE-2026-48593 describes an uncontrolled resource consumption in oban_web’s cron rendering. The issue arises in the Elixir CronExpr describe/1 rendering path where unbounded cron ranges (e.g., 1-100000000) are parsed by parse_range/1 without bounds checks, then expand_dom_parts/1 and expand_dow_p...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/26 7:46 p.m.10 views

CVE-2026-48593 Unbounded range expansion in cron describe causes memory exhaustion in oban_web

Uncontrolled Resource Consumption vulnerability in oban-bg obanweb 'Elixir.Oban.Web.CronExpr' modules allows memory exhaustion via unbounded cron range expansion. An attacker with access to schedule cron jobs can submit a malicious cron expression such as "0 0 1-100000000 ". When a user with...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References4
OSV
OSV
added 2026/05/26 7:46 p.m.12 views

EEF-CVE-2026-48593 Unbounded range expansion in cron describe causes memory exhaustion in oban_web

Summary Uncontrolled Resource Consumption vulnerability in oban-bg obanweb 'Elixir.Oban.Web.CronExpr' modules allows memory exhaustion via unbounded cron range expansion. An attacker with access to schedule cron jobs can submit a malicious cron expression such as "0 0 1-100000000 ". When a user...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/26 7:46 p.m.10 views

CVE-2026-48593

Uncontrolled Resource Consumption vulnerability in oban-bg obanweb 'Elixir.Oban.Web.CronExpr' modules allows memory exhaustion via unbounded cron range expansion. An attacker with access to schedule cron jobs can submit a malicious cron expression such as "0 0 1-100000000 ". When a user with...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.11 views

PT-2026-43408

Name of the Vulnerable Software and Affected Versions oban web versions 2.12.0 through 2.12.4 Description Uncontrolled Resource Consumption in the Elixir.Oban.Web.CronExpr module allows memory exhaustion through unbounded cron range expansion. An attacker with permissions to schedule cron jobs ca...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Oban Web 安全漏洞

Oban Web is an embedded real-time backend task monitoring dashboard developed under the Oban Framework. Versions 2.12.0 to 2.12.5 of Oban Web contained a security vulnerability. This vulnerability stemmed from the unlimited cron range expansion in the Elixir.Oban.Web.CronExpr module, which could...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/23 12:17 a.m.15 views

Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron

Summary nezha's dashboard supports two user roles: RoleAdmin Role==0 and RoleMember Role==1. The cron routes POST /api/v1/cron and PATCH /api/v1/cron/:id are wired through commonHandler any authenticated user rather than adminHandler, and the per-server permission check on cron creation has a...

9.9CVSS6AI score0.00339EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/23 12:17 a.m.5 views

GHSA-99GV-2M7H-3HH9 Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) via POST /api/v1/cron

Summary nezha's dashboard supports two user roles: RoleAdmin Role==0 and RoleMember Role==1. The cron routes POST /api/v1/cron and PATCH /api/v1/cron/:id are wired through commonHandler any authenticated user rather than adminHandler, and the per-server permission check on cron creation has a...

9.9CVSS6AI score0.00339EPSS
Exploits1References3
OSV
OSV
added 2026/05/23 12:8 a.m.11 views

GHSA-RXF6-WJH4-JFJ6 Nezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.FailTriggerTasks (no ownership check)

Summary createAlertRule and createService and their update siblings accept FailTriggerTasks uint64 and RecoverTriggerTasks uint64 — IDs of cron tasks to fire when the alert/service trips. The validation function only validates the alert's Rules.Ignore server map; it never checks that the cron tas...

5.4CVSS5.9AI score0.00261EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/23 12:8 a.m.20 views

Nezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.FailTriggerTasks (no ownership check)

Summary createAlertRule and createService and their update siblings accept FailTriggerTasks uint64 and RecoverTriggerTasks uint64 — IDs of cron tasks to fire when the alert/service trips. The validation function only validates the alert's Rules.Ignore server map; it never checks that the cron tas...

7.1CVSS5.9AI score0.00261EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.15 views

PT-2026-42859

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 1.4.0 through 2.0.7 Description An authenticated user with RoleMember privileges can trigger cron tasks belonging to other users, including administrators. This occurs because the system fails to verify the ownership ...

7.1CVSS5.3AI score0.00261EPSS
Exploits0References6
Rows per page
Query Builder