Lucene search
K

15 matches found

Vulnrichment
Vulnrichment
added 2026/03/30 3:15 p.m.2 views

CVE-2026-5123 osrg GoBGP bgp.go DecodeFromBytes off-by-one

A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...

6.3CVSS5.3AI score0.00409EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/30 3:15 p.m.19 views

CVE-2026-5123 osrg GoBGP bgp.go DecodeFromBytes off-by-one

A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...

6.3CVSS0.00409EPSS
Exploits0References6
CVE
CVE
added 2026/03/30 3:15 p.m.27 views

CVE-2026-5123

Summary: CVE-2026-5123 affects osrg GoBGP up to version 4.3.0. It concerns the function DecodeFromBytes in pkg/packet/bgp/bgp.go, where manipulating the data[1] argument can trigger an off-by-one condition. The issue potentially allows a remote attacker, with a highly complex attack surface, to i...

6.3CVSS5.4AI score0.00409EPSS
Exploits0References6Affected Software1
Redos
Redos
added 2025/12/23 12:0 a.m.7 views

ROS-20251223-7309

Vulnerability in python3.11 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.3CVSS6.7AI score0.00353EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54910

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.0025EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.4 views

Rebuild 安全漏洞

Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version v3.7.7, which stems from a server-side request forgery in the type parameter of the com.rebuild.web.admin.rbstore.RBStoreControllerloadDataIndex method...

5.1CVSS6.8AI score0.0025EPSS
Exploits1References3
OSV
OSV
added 2025/08/25 12:0 a.m.5 views

CVE-2024-46413

Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery SSRF via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreControllerloadDataIndex method...

5.1CVSS7.3AI score0.0025EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/25 12:0 a.m.7 views

CVE-2024-46413

Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery SSRF via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreControllerloadDataIndex method...

0.0025EPSS
Exploits1References2
CVE
CVE
added 2025/08/25 12:0 a.m.15 views

CVE-2024-46413

CVE-2024-46413 concerns Rebuild v3.7.7, where the SSRF vulnerability is triggered via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex function. The issue originates in the RBStoreController loadDataIndex path and exposes the system to server-side requests t...

5.1CVSS7.6AI score0.0025EPSS
Exploits1References2Affected Software1
HackRead
HackRead
added 2025/05/19 7:11 p.m.18 views

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index

DDoSecrets indexes 410GB of breached TeleMessage data, including messages and metadata, from hack tied to unsecured Signal clone used by US government officials...

7.3AI score
Exploits0
CNNVD
CNNVD
added 2023/04/24 12:0 a.m.8 views

alf.io 安全漏洞

alf.io is open source ticket reservation system. alfio-event A security vulnerability exists in alf.io versions prior to 2.0-M4-2304, which stems from alf.io not being properly authorized and containing an index of sensitive information...

8.8CVSS7.9AI score0.00859EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2021/10/19 12:0 a.m.5 views

PT-2021-21377 · Unknown · Wordpress Popup

Name of the Vulnerable Software and Affected Versions: WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram versions = 2.0.2 Description: The issue concerns the headline input, specifically at the &message data16headline variable. This input is vulnerable, potentially allowi...

5.4CVSS5.4AI score0.00552EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2021/05/15 7:0 a.m.2 views

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata in the KVM API is mapped to an array index which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.

...

7.1CVSS8.8AI score0.00374EPSS
Exploits0
OSV
OSV
added 2019/07/10 10:15 p.m.3 views

CVE-2019-13489

Trape through 2019-05-08 has SQL injection via the data2 variable in core/db.py, as demonstrated by the /bs t parameter...

9.8CVSS7.3AI score0.01432EPSS
Exploits0References1
myhack58
myhack58
added 2014/07/12 12:0 a.m.14 views

the elasticsearch exploit tool kit-vulnerability warning-the black bar safety net

ElasticSearch is based on Lucene to build the open source, distributed, RESTful search engine. Designed for cloud computing, it is possible to achieve real-time search, stable, reliable, fast, install easy to use. Support through HTTP using the JSON data index. ! Please do not used for illegal...

7.2AI score
Exploits0
Rows per page
Query Builder