7862 matches found
CVE-2026-45298 Dozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy)
Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy the documented quickstart, no DOZZLEAUTHPROVIDER set, POST /api/notifications/test-webhook is reachable without authentication and forwards an attacker-controlled URL into a WebhookDispatcher that...
CVE-2026-47672
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...
CVE-2026-47672 epa4all-client: Unauthenticated REST API for Patient Record Writes
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...
CVE-2026-47672
CVE-2026-47672 affects the Java client epa4all-client for epa4all/ePA 3.0. In version 1.2.4 and earlier, a network-reachable caller can write arbitrary documents to any patient electronic health record (EHR) accessible by the institution’s SMC-B card. In misconfigured deployments (e.g., following...
CVE-2026-25112
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update
Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...
CVE-2026-25112
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...
CVE-2026-25112
Technical details about CVE-2026-25112 are not publicly provided in the supplied documents; monitor for updates.
CVE-2026-25112
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...
CVE-2026-25112
A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...
Malicious code in ranno (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1366783d9cb87471f1b5cfeb806508ee83b2a58ded724f8ea45d8391f4f68bc The package's advertised API ex calls gn in ranno/gn.py, which POSTs the caller's prompt — and, when a data= argument is supplied, the absolute file...
CVE-2026-44468
The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary...
CVE-2026-44468 Incorrect Default Permissions in CODESYS Development System
The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary...
YKWriter
YKWriter 🔑💾 YKWriter is a lightweight Windows Forms utili...
A Surveillance Evasion Game with Continuous Sensor Redeployment Via Bilevel Optimization
Uncrewed Aerial Systems UASs have become a growing threat to the security of critical infrastructure, exploiting spatiotemporal gaps in sensor perimeters to infiltrate restricted airspace undetected. We formulate this interaction as a two-player zero-sum differential game between an adversarial U...
Genetec RabbitMQ 安全漏洞
Genetec RabbitMQ is a messaging queue service component provided by the American company Genetec. Genetec RabbitMQ has a security vulnerability, which stems from deployment issues and may lead to privilege escalation attacks...
PT-2026-43263
Name of the Vulnerable Software and Affected Versions Genetec RabbitMQ affected versions not specified Description A high-severity issue in the deployment of Genetec RabbitMQ that enables a privilege escalation attack, allowing an attacker to gain higher levels of permissions than intended...
PT-2026-43196
Name of the Vulnerable Software and Affected Versions CODESYS Development System affected versions not specified Description The software creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary fil...
Exploit for CVE-2025-13673
CVE-2025-13673 — Tutor LMS SQL Injection Lab Unauthenticated...
web-app-security-lab
Vulnerable Web App — Attack & Defend Lab A deliberately-vulne...