Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.9 views

CVE-2026-25855

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS6.7AI score0.0057EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 4:49 p.m.10 views

EUVD-2026-35134

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS6.7AI score0.0057EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/08 4:49 p.m.40 views

CVE-2026-25855 OpenBullet2 0.3.2 Authenticated RCE via FileProxySource Script Upload

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS0.0057EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:49 p.m.6 views

CVE-2026-25855

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS6.7AI score0.0057EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47342

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS6.7AI score0.0057EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-18736

Malware in sbrugna...

7.5CVSS7.5AI score0.01313EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-4066

Malware in sbrugna...

5CVSS6.4AI score0.01553EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-11452

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00288EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/26 6:22 a.m.6 views

CVE-2025-3734

Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy allows Flooding.This issue affects Stage File Proxy: from 0.0.0 before 3.1.5...

5.9CVSS7AI score0.00288EPSS
Exploits0References3
NVD
NVD
added 2025/04/16 5:15 p.m.8 views

CVE-2025-3734

Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy allows Flooding.This issue affects Stage File Proxy: from 0.0.0 before 3.1.5...

5.9CVSS0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 5:15 p.m.5 views

CVE-2025-3734

Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy allows Flooding.This issue affects Stage File Proxy: from 0.0.0 before 3.1.5...

5.9CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 4:31 p.m.11 views

CVE-2025-3734 Stage File Proxy - Moderately critical - Denial of Service - SA-CONTRIB-2025-035

Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy allows Flooding.This issue affects Stage File Proxy: from 0.0.0 before 3.1.5...

0.00288EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 4:31 p.m.49 views

CVE-2025-3734

CVE-2025-3734 describes an instance of uncontrolled resource allocation in the Drupal Stage File Proxy module. The issue allows flooding and potential Denial of Service because the module does not enforce limits/throttling on resource usage, leading to exhaustion under load. Affected versions are...

5.9CVSS6.6AI score0.00288EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/16 4:31 p.m.6 views

CVE-2025-3734 Stage File Proxy - Moderately critical - Denial of Service - SA-CONTRIB-2025-035

Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy allows Flooding.This issue affects Stage File Proxy: from 0.0.0 before 3.1.5...

5.8AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 4:25 p.m.5 views

DRUPAL-CONTRIB-2025-035

Stage File Proxy is a general solution for getting production files on a development server on demand. The module doesn't sufficiently validate the existence of remote files prior to attempting to download and create them. An attacker could send many requests and exhaust disk resources. This...

5.9CVSS6.7AI score0.00288EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/16 12:0 a.m.6 views

Drupal Stage File Proxy module < 3.1.5 - Unauthenticated Denial of Service Attack vulnerability

Unauthenticated Denial of Service Attack vulnerability discovered by Ide Braakman idebr in WordPress Module Stage File Proxy versions 3.1.5...

5.9CVSS7AI score0.00288EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.4 views

PT-2025-16798 · Drupal · Drupal Stage File Proxy

Name of the Vulnerable Software and Affected Versions: Drupal Stage File Proxy versions 0.0.0 through 3.1.4 Description: The issue is related to the allocation of resources without limits or throttling in Drupal Stage File Proxy, allowing flooding. Recommendations: For versions 0.0.0 through 3.1....

5.9CVSS6.4AI score0.00288EPSS
Exploits0References5
Drupal
Drupal
added 2025/04/16 12:0 a.m.7 views

Stage File Proxy - Moderately critical - Denial of Service - SA-CONTRIB-2025-035

Stage File Proxy is a general solution for getting production files on a development server on demand. The module doesn't sufficiently validate the existence of remote files prior to attempting to download and create them. An attacker could send many requests and exhaust disk resources. This...

5.9CVSS5.8AI score0.00288EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.3 views

Drupal Stage File Proxy 安全漏洞

Drupal Stage File Proxy is a Drupal module for the Drupal community. A security vulnerability exists in Drupal Stage File Proxy versions prior to 3.1.5, which stems from an unrestricted resource allocation and could lead to a flood attack...

5.9CVSS6.6AI score0.00288EPSS
Exploits0References3
OSV
OSV
added 2024/12/18 7:24 p.m.3 views

CVE-2024-49363 Uncontrolled Recursion and Asymmetric Resource Consumption (Amplification) in media/file proxy in Misskey

Misskey is an open source, federated social media platform. In affected versions FileServerService media proxy in github.com/misskey-dev/misskey 2024.10.1 or earlier did not detect proxy loops, which allows remote actors to execute a self-propagating reflected/amplified distributed...

7.4CVSS7.1AI score0.00305EPSS
Exploits0References3
Rows per page
Query Builder