Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Wireshark

Improper URL handling in Wireshark versions 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 may allow for remote code execution through packet injection or crafted capture files...

8.8CVSS8.3AI score0.03639EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45737

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

dify 安全漏洞

dify is an open-source LLM application development platform developed by LangGenius. Versions of dify prior to 0.6.9 contained security vulnerabilities. These vulnerabilities were caused by improper handling of the parameter url in the getapitoolproviderremoteschema function of the...

6.5CVSS6.6AI score0.00201EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.10 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-1323)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This...

6.3CVSS6.6AI score0.0067EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/20 7:48 p.m.21 views

CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor

Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...

6.8CVSS0.01793EPSS
Exploits0References2
CVE
CVE
added 2024/12/20 7:48 p.m.94 views

CVE-2024-56331

CVE-2024-56331 affects Uptime Kuma’s real-browser monitor, enabling Local File Inclusion via file:/// URLs. The vulnerability arises from insufficient server-side validation of the URL input, allowing an authenticated user to trigger the browser to fetch and capture local files (e.g., /etc/passwd...

6.8CVSS6.5AI score0.01793EPSS
Exploits0References2
OSV
OSV
added 2024/12/20 7:48 p.m.9 views

CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor

Uptime Kuma is an open source, self-hosted monitoring tool. An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of...

6.8CVSS6.4AI score0.01793EPSS
Exploits0References4
OSV
OSV
added 2024/12/20 3:10 p.m.11 views

GHSA-2QGM-M29M-CJ2H uptime-kuma vulnerable to Local File Inclusion (LFI) via Improper URL Handling in `Real-Browser` monitor

Summary An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of the URL provided by the attacker. By supplying loca...

6.8CVSS6.8AI score0.01793EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/12/20 3:10 p.m.22 views

uptime-kuma vulnerable to Local File Inclusion (LFI) via Improper URL Handling in `Real-Browser` monitor

Summary An Improper URL Handling Vulnerability allows an attacker to access sensitive local files on the server by exploiting the file:/// protocol. This vulnerability is triggered via the "real-browser" request type, which takes a screenshot of the URL provided by the attacker. By supplying loca...

6.8CVSS7.2AI score0.01793EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/03/15 6:15 p.m.2 views

UBUNTU-CVE-2021-22191

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file...

8.8CVSS7.7AI score0.03639EPSS
Exploits0References4
OSV
OSV
added 2019/05/16 7:29 p.m.2 views

CVE-2019-0921

An spoofing vulnerability exists when Internet Explorer improperly handles URLs, aka 'Internet Explorer Spoofing Vulnerability'...

6.5CVSS7.3AI score0.03309EPSS
Exploits0References1
Rows per page
Query Builder