CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Veracode•added 2026/04/25 5:39 a.m.•6 views

Server-Side Request Forgery

Glances is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of the publicapi configuration parameter in the IP plugin, where attacker-controlled URLs are used directly in outbound HTTP requests without scheme or hostname restrictions, allowing...

8.8CVSS5.8AI score0.0002EPSS

Exploits1References3Affected Software1

SUSE CVE•added 2026/04/22 1:37 a.m.•6 views

SUSE CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

8.8CVSS5.9AI score0.0002EPSS

Exploits1References3

EUVD•added 2026/04/21 3:17 p.m.•4 views

EUVD-2026-23990

Glances has SSRF in IP Plugin via publicapi leading to credential leakage...

8.6CVSS5.7AI score0.0002EPSS

Exploits1References4

Github Security Blog•added 2026/04/21 3:17 p.m.•8 views

Glances has SSRF in IP Plugin via public_api leading to credential leakage

Summary A Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP requests without any scheme restriction or hostname/IP validation. An attacker who...

8.8CVSS5.9AI score0.0002EPSS

Exploits1References5Affected Software1

OSV•added 2026/04/21 3:17 p.m.•3 views

GHSA-G5PQ-48MJ-JVW8 Glances has SSRF in IP Plugin via public_api leading to credential leakage

8.8CVSS5.9AI score0.0002EPSS

Exploits1References5

OSV•added 2026/04/21 12:16 a.m.•2 views

DEBIAN-CVE-2026-35587

8.8CVSS5.7AI score0.0002EPSS

Exploits1References1

AlpineLinux•added 2026/04/20 11:19 p.m.•1 views

CVE-2026-35587

8.8CVSS5.7AI score0.0002EPSS

Exploits1References2

CNNVD•added 2026/04/20 12:0 a.m.•4 views

glances 代码问题漏洞

Glances is a system monitoring tool developed by Nicolas Hennion. Versions of Glances prior to 4.5.4 contained code vulnerabilities. These vulnerabilities stemmed from improper validation of publicapi configuration parameters by the IP plugin, which could lead to server-side request forgeing and...

8.8CVSS5.9AI score0.0002EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-35532

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00077EPSS

Exploits0References1

OSV•added 2023/10/18 1:15 p.m.•1 views

CVE-2023-31217

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in MyTechTalky User Location and IP plugin = 1.6 versions...

5.4CVSS7.3AI score

Exploits0References1

NVD•added 2023/10/18 1:15 p.m.•8 views

CVE-2023-31217

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in MyTechTalky User Location and IP plugin = 1.6 versions...

6.5CVSS5.9AI score0.00077EPSS

Exploits0References1

Prion•added 2023/10/18 1:15 p.m.•11 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in MyTechTalky User Location and IP plugin = 1.6 versions...

4.9CVSS5.2AI score0.00077EPSS

Exploits0References1Affected Software1

CVE•added 2023/10/18 12:47 p.m.•43 views

CVE-2023-31217

CVE-2023-31217 is a stored XSS vulnerability in the WordPress plugin MyTechTalky User Location and IP . Affected versions are reported as 1.6 and earlier (some sources indicate up to 1.7). The issue arises from input handling in the plugin’s user-location/IP feature, enabling stored cross-site sc...

6.5CVSS5.5AI score0.00077EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by