Lucene search
K

8 matches found

EUVD
EUVD
added 2 days ago3 views

EUVD-2026-42286

SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin account and fails open, allowing an authenticated...

4.3CVSS5.9AI score0.00199EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-55873 SeaweedFS: Improper authorization in the S3Tables / Iceberg REST management API lets a low-privileged S3 user enumerate administrator-owned table buckets

SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin account and fails open, allowing an authenticated...

4.3CVSS0.00199EPSS
Exploits0References4
CVE
CVE
added 2 days ago12 views

CVE-2026-55874

SeaweedFS's S3 API gateway is affected prior to version 4.34 by a path traversal issue in the X-Amz-Copy-Source header (dot-dot segments) that can enable an authenticated user scoped to one bucket to read objects from other buckets via server-side copy. The issue is documented across CVE-2026-558...

7.7CVSS6AI score0.00327EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/05 12:0 a.m.6 views

Coolify 安全漏洞

Coolify is an open source and self-hosted Heroku/Netlify/Vercel replacement from coolLabs Open Source. A security vulnerability exists in Coolify v4.0.0-beta.434 and earlier versions, which stems from a low-privileged user being able to invite a high-privileged user, potentially resulting in...

8.7CVSS6.5AI score0.00253EPSS
Exploits1References2
OSV
OSV
added 2025/08/09 9:15 p.m.4 views

CVE-2025-8775

A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The...

9.8CVSS5.4AI score0.00377EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2024/04/09 2:28 a.m.3 views

SUSE CVE-2024-28732

An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service DoS infinite loop...

7.5CVSS6.9AI score0.0082EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/04/08 12:0 a.m.5 views

Faucet SDN Ryu 安全漏洞

Faucet SDN Ryu is a component-based software-defined networking framework from Faucet Open Source. A security vulnerability exists in Faucet SDN Ryu version 4.34. A remote attacker could exploit the vulnerability to cause a denial of service on the system...

7.5CVSS7.3AI score0.0082EPSS
Exploits1References3
OSV
OSV
added 2019/06/11 12:0 a.m.3 views

UBUNTU-CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.2CVSS6.6AI score0.08441EPSS
Exploits0References4
Rows per page
Query Builder