Lucene search
K

360 matches found

RedHat Linux
RedHat Linux
added 2026/04/16 12:56 p.m.6 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/14 11:50 a.m.6 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/13 2:23 a.m.3 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.4AI score0.01052EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/04/11 1:21 a.m.6 views

CVE-2026-34723

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed i...

8.7CVSS5.8AI score0.00443EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/09 7:23 p.m.5 views

CVE-2026-35516

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services AWS IMDSv1, cloud metadata, internal APIs by creating a link with a publ...

5CVSS5.9AI score0.00274EPSS
Exploits1References1
NVD
NVD
added 2026/04/08 7:25 p.m.9 views

CVE-2026-34723

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed i...

8.7CVSS0.00443EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 6:14 p.m.20 views

CVE-2026-34723 Zammad has incorrect access control in getting_started_controller

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed i...

8.7CVSS0.00443EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 6:14 p.m.5 views

CVE-2026-34723 Zammad has incorrect access control in getting_started_controller

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed i...

8.7CVSS5.8AI score0.00443EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 6:14 p.m.11 views

CVE-2026-34723

CVE-2026-34723 affects Zammad (web-based helpdesk). Root cause: incorrect access control in the getting_started_controller allowed unauthenticated remote attackers (before patch versions) to access the getting started endpoint and view sensitive internal entity data. Affected versions: prior to 7...

8.7CVSS5.9AI score0.00443EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/08 4:26 p.m.7 views

CVE-2026-2377

A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as...

6.5CVSS6AI score0.00405EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/04/08 12:8 a.m.7 views

WWBN AVideo has an Allowlisted downloadURL media extensions bypass SSRF protection and enable internal response exfiltration (Incomplete fix for CVE-2026-27732)

Summary The fix for CVE-2026-27732 is incomplete. objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then fetches the response and...

8.6CVSS6.2AI score0.00235EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.9 views

PT-2026-31420

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 and prior to 6.5.4 Description Zammad, a web-based open-source helpdesk system, allowed unauthenticated remote attackers to access sensitive internal entity data through the getting started endpoint, even after...

8.7CVSS5.9AI score0.00443EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Zammad 访问控制错误漏洞

Zammad is a ticketing management software developed by the German company Zammad. Versions of Zammad prior to 7.0.1 and 6.5.4 contained an access control vulnerability. This vulnerability stemmed from unverified attackers being able to access the “getting started” endpoint, potentially leading to...

8.7CVSS5.8AI score0.00443EPSS
Exploits0References2
NVD
NVD
added 2026/04/07 4:16 p.m.2 views

CVE-2026-35516

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services AWS IMDSv1, cloud metadata, internal APIs by creating a link with a publ...

5CVSS0.00274EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

LinkAce 代码问题漏洞

LinkAce is a self-hosted repository developed by Kevin Woblick, designed to collect links to your favorite websites. Versions of LinkAce prior to 2.5.4 had code vulnerabilities. These vulnerabilities stemmed from insufficient checks on private IP addresses, allowing authenticated users to read...

5CVSS5.9AI score0.00274EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/04/03 9:34 p.m.5 views

Budibase: Server-Side Request Forgery via REST Connector with Empty Default Blacklist

Summary | Field | Value | |-------|-------| | Title | SSRF via REST Connector with Empty Default Blacklist Leading to Full Internal Data Exfiltration | | Product | Budibase | | Version | 3.30.6 latest stable as of 2026-02-25 | | Component | REST Datasource Integration + Backend-Core Blacklist...

9.9CVSS6.3AI score0.00377EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/04/03 9:34 p.m.4 views

GHSA-7R9J-R86Q-7G45 Budibase: Server-Side Request Forgery via REST Connector with Empty Default Blacklist

Summary | Field | Value | |-------|-------| | Title | SSRF via REST Connector with Empty Default Blacklist Leading to Full Internal Data Exfiltration | | Product | Budibase | | Version | 3.30.6 latest stable as of 2026-02-25 | | Component | REST Datasource Integration + Backend-Core Blacklist...

9.6CVSS6.3AI score0.00377EPSS
Exploits1References6
Snyk
Snyk
added 2026/04/03 4:4 a.m.3 views

Out-of-bounds Read

Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Out-of-bounds Read in the from field of JSON-patch operations. An attacker can access internal Node.js functions and prototype state by crafting a payload that targe...

6.5CVSS5.9AI score0.00308EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29804

Summary The /signalk/v1/applicationData/... JSON-patch endpoint allows users to modify stored application data. To prevent Prototype Pollution, the developers implemented an isPrototypePollutionPath guard. However, this guard only checks the path property of incoming JSON-patch objects. It...

5.3CVSS6.5AI score0.00308EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/30 3:51 p.m.18 views

CVE-2026-2286 CVE-2026-2286

CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...

0.00467EPSS
Exploits0References1
Rows per page
Query Builder