Lucene search
K

4 matches found

OSV
OSV
added 2026/02/13 6:10 p.m.4 views

CVE-2026-21878 BACnet Stack Improperly Limits Pathnames to a Restricted Directory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/01/22 10:16 p.m.5 views

CVE-2026-23831

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/22 3:43 a.m.25 views

CVE-2026-24039 Horilla's Improper Access Control Allows Employees to Auto-Approve Documents

Horilla is a free and open source Human Resource Management System HRMS. Version 1.4.0 has Improper Access Control, allowing low-privileged employees to self-approve documents they have uploaded. The document-approval UI is intended to be restricted to administrator or high-privilege roles only;...

4.3CVSS0.00246EPSS
Exploits1References2
OSV
OSV
added 2024/06/06 7:16 p.m.16 views

PYSEC-2024-110

A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...

4.7CVSS4.6AI score0.00187EPSS
Exploits0References3
Rows per page
Query Builder