1193127 matches found
GNUnet P2P Framework 0.26.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
CVE-2026-16128 zevorn rt-claw http_request swarm.c receiver_thread server-side request forgery
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This impacts the function receiverthread of the file claw/services/swarm/swarm.c of the component httprequest. Performing a manipulation results in server-side request forgery. It is possible to initiate the attack remotely. The...
CVE-2026-16128 zevorn rt-claw http_request swarm.c receiver_thread server-side request forgery
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This impacts the function receiverthread of the file claw/services/swarm/swarm.c of the component httprequest. Performing a manipulation results in server-side request forgery. It is possible to initiate the attack remotely. The...
CVE-2026-16127
A vulnerability was identified in zevorn rt-claw up to 0.2.0. This affects the function clawnetget/clawnetpost of the file claw/tools/toolnet.c of the component httprequest. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote. The...
CVE-2026-16126
A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handlerpcrequest of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The...
CVE-2026-16125
A vulnerability was found in zevorn rt-claw up to 0.2.0. The affected element is the function clawnetget/clawnetpost of the file claw/services/tools/net.c of the component httprequest. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely...
CVE-2026-16124
A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.15.0-beta.32. This affects the function CheckSSRF/isPrivateIP of the file internal/tools/webshared.go of the component webfetch. Such manipulation leads to server-side request forgery. The attack can be launched remotel...
CVE-2026-16127 zevorn rt-claw http_request tool_net.c claw_net_post server-side request forgery
A vulnerability was identified in zevorn rt-claw up to 0.2.0. This affects the function clawnetget/clawnetpost of the file claw/tools/toolnet.c of the component httprequest. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote. The...
CVE-2026-16127
A vulnerability was identified in zevorn rt-claw up to 0.2.0. This affects the function clawnetget/clawnetpost of the file claw/tools/toolnet.c of the component httprequest. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote. The...
EUVD-2026-45388
A vulnerability was identified in zevorn rt-claw up to 0.2.0. This affects the function clawnetget/clawnetpost of the file claw/tools/toolnet.c of the component httprequest. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote. The...
CVE-2026-16126 zevorn rt-claw Swarm RPC Receiver swarm.c handle_rpc_request authorization
A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handlerpcrequest of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The...
CVE-2026-16126
A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handlerpcrequest of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The...
EUVD-2026-45387
A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handlerpcrequest of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The...
EUVD-2026-45378
A vulnerability was found in nextlevelbuilder GoClaw up to 3.13.2. This affects the function RequestApproval of the file internal/tools/execapproval.go of the component WebSocket Approval Endpoint. Performing a manipulation results in incorrect authorization. The attack is possible to be carried...
EUVD-2026-45382
A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.2. Affected is the function isSafeBin of the file internal/tools/execapproval.go. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly available and might be...
EUVD-2026-45383
A security flaw has been discovered in nextlevelbuilder GoClaw up to 3.13.2. Affected by this vulnerability is the function extractBin/RequestApproval/matchesAllowlist of the file internal/tools/execapproval.go. The manipulation results in incorrect authorization. The exploit has been released to...
EUVD-2026-45377
A vulnerability was determined in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This impacts the function matchesAllowlist/extractBin of the file internal/tools/execapproval.go. Executing a manipulation can lead to incorrectly-resolved name. The attack may be performed from remote. The exploit has...
EUVD-2026-45384
A weakness has been identified in nextlevelbuilder GoClaw up to 3.13.2. Affected by this issue is the function ToolsInvokeHandler.ServeHTTP of the file internal/http/toolsinvoke.go of the component Invoke Endpoint. This manipulation causes missing authorization. The attack can be initiated...
EUVD-2025-210485
SurrealDB versions before 2.2.2 contain a local file read vulnerability in the DEFINE ANALYZER statement that allows authenticated users to read arbitrary files on the file system. Attackers with root, namespace, or database level privileges can point analyzers to arbitrary file paths and...
EUVD-2026-45374
uproot dynamically generates Python class source code from ROOT TStreamerInfo records in a file and compiles it at runtime. Some file-controlled streamer metadata fields for example, streamer element names are interpolated into the generated Python source without safe quoting via repr or the !r...