Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.9 views

CVE-2022-38179

JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...

6.1CVSS6.8AI score0.00401EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-24256

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00839EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/09 7:26 a.m.7 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses an application is vulnerable to a reflected file download (RFD) attack.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses an application is vulnerable to a reflected file download RFD attack.The filename is derived from user-supplied input but sanitized by the application. Vulnerability Details CVEID:CVE-2025-41234 DESCRIPTION:...

6.5CVSS6.5AI score0.00533EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 9:53 p.m.8 views

CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

8.8CVSS6.5AI score0.00654EPSS
Exploits0
OSV
OSV
added 2023/04/18 4:16 a.m.3 views

USN-6010-2 firefox regressions

USN-6010-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

6.1AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/02/28 8:7 a.m.34 views

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

8.8CVSS6.8AI score0.00642EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/02/28 12:0 a.m.28 views

AlmaLinux 9 : pcs (ALSA-2023:0974)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:0974 advisory. - Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An...

8.8CVSS7.1AI score0.00642EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2023/02/22 1:8 a.m.34 views

pcs security update

An update is available for pcs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcs packages provide a command-line configuration system for the Pacemaker an...

8.8CVSS8.5AI score0.00642EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/02/21 9:0 a.m.20 views

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

8.8CVSS6.8AI score0.00642EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/01/30 2:42 p.m.35 views

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.8AI score0.00642EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/01/30 2:32 p.m.42 views

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.8AI score0.00642EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/01/24 8:47 a.m.38 views

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impa...

8.8CVSS6.8AI score0.00642EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/28 12:0 a.m.2 views

CVE-2022-45442 Sinatra vulnerable to Reflected File Download attack

Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a response when the filename is...

8.8CVSS7AI score0.00642EPSS
Exploits1References5
CVE
CVE
added 2022/08/03 12:0 a.m.155 views

CVE-2022-36359

The vulnerability CVE-2022-36359 affects the Django HTTP FileResponse class, with Django 3.2 before 3.2.15 and 4.0 before 4.0.7 vulnerable to a reflected file download (RFD) attack. The attack can occur when the filename is derived from user-supplied input, as it sets the Content-Disposition head...

8.8CVSS8.3AI score0.00654EPSS
Exploits0References8Affected Software1
CNVD
CNVD
added 2021/01/22 12:0 a.m.8 views

Cisco Data Center Network Manager Input Validation Error Vulnerability (CNVD-2021-09305)

Cisco Data Center Network Manager DCNM is a data center management system from Cisco. The system works with Cisco Nexus and MDS series switches and provides storage visualization, configuration, and troubleshooting. An input validation error vulnerability exists in Cisco Data Center Network...

6.5CVSS5.9AI score0.00614EPSS
Exploits0References1
Prion
Prion
added 2020/01/17 12:15 a.m.41 views

Input validation

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download RFD attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from use...

7.6CVSS8.2AI score0.88077EPSS
Exploits2References44Affected Software31
Positive Technologies
Positive Technologies
added 2020/01/16 12:0 a.m.13 views

PT-2020-2651 · Oracle +2 · Oracle Retail Order Broker +2

Name of the Vulnerable Software and Affected Versions: Spring Framework versions 5.0.x prior to 5.0.16 Spring Framework versions 5.1.x prior to 5.1.13 Spring Framework versions 5.2.x prior to 5.2.3 Oracle Retail Order Broker affected versions not specified Description: The issue exists due to...

9.8CVSS7.2AI score0.88077EPSS
Exploits24References526
Atlassian
Atlassian
added 2013/04/16 3:39 a.m.23 views

ResolveURLServlet pre-auth arbitrary file download vulnerability

The ResolveURLServlet Servlet is vulnerable to an arbitrary file download attack. As the Servlet doesn’t implement its own authorization checks, this can be exploited anonymously. By taking an attacker controlled url parameter and using this in a call to URLConnection.openConnection, an attacker...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/10/29 12:0 a.m.38 views

Firefox < 3.0.15 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.15. Such versions are potentially affected by the following security issues : - It may be possible for a malicious web page to steal form history. MFSA 2009-52 - By predicting the filename of an already downloaded file in the downloads director...

10CVSS7.3AI score0.28167EPSS
Exploits52References21
Rows per page
Query Builder