Lucene search
K

7 matches found

OSV
OSV
added 2026/03/27 7:11 a.m.9 views

BIT-DISCOURSE-2026-33422 Discourse exposes ip_address of flagged user

Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, the ipaddress of a flagged user is exposed to any user who can access the review queue, including users who should not be able to see IP addresses. Versions 2026.3.0, 2026.2.1, and 2026.1.2 contai...

4.3CVSS5.9AI score0.00284EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.8 views

PT-2025-41771

Name of the Vulnerable Software and Affected Versions Uniweb/SoliPACS WebServer developed by EBM Technologies affected versions not specified Description A missing authentication issue exists in Uniweb/SoliPACS WebServer developed by EBM Technologies. This allows unauthenticated remote attackers ...

6.9CVSS6.7AI score0.00342EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.34 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-6038-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6038-2 advisory. USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and G...

9.8CVSS7.3AI score0.05623EPSS
Exploits6References19
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.26 views

Rocky Linux 9 : grafana-pcp (RLSA-2022:8250)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8250 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if...

7.5CVSS7.1AI score0.01618EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.31 views

AlmaLinux 9 : git-lfs (ALSA-2023:2357)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2357 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if...

7.5CVSS7AI score0.05623EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2022/11/04 12:0 a.m.30 views

Amazon Linux 2022 : golist (ALAS2022-2022-192)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-192 advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating chunked encoding. This issue could allow request smuggling, but only if combined with an...

9.3CVSS7.4AI score0.0995EPSS
Exploits7References31
Tenable Nessus
Tenable Nessus
added 2022/10/26 12:0 a.m.36 views

Oracle Linux 8 : git-lfs (ELSA-2022-7129)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-7129 advisory. 2.13.3-3 - Rebuild with new Golang - Resolves: rhbz2131795 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

7.5CVSS7.2AI score0.02607EPSS
Exploits5References10
Rows per page
Query Builder