Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2026/06/12 12:0 a.m.49 views

📄 FortiSandbox 4.4.7 Authentication Bypass / Command Injection

This Metasploit auxiliary scanner module is designed to collect system and environment information from vulnerable FortiSandbox instances by leveraging two disclosed vulnerabilities: an authentication bypass and a command injection flaw. The module supports multiple collection modes, including...

9.8CVSS5.9AI score0.48668EPSS
Exploits7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-31907

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0044EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-3866

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs ...

5CVSS5.1AI score0.00508EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/01 4:15 p.m.3 views

CVE-2022-2227

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows a previous maintainer of a project with a specific runner to access job and project meta data under certain conditions...

4.3CVSS5.9AI score0.00732EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/07/01 4:15 p.m.2 views

UBUNTU-CVE-2022-2227

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows a previous maintainer of a project with a specific runner to access job and project meta data under certain conditions...

4.3CVSS5.8AI score0.00732EPSS
Exploits0References5
Hacker One
Hacker One
added 2019/09/08 3:45 p.m.25 views

New Relic: Passive stored XSS at Synthetics job result page (View resource)

Hey team, I've discovered a stored XSS at Synthetics job result page. There is a View resource link near every URL which was requested by a browser and this link href is the requested URL itself: F577804 All the URLs, the browser interacted with, are saved into the database by a minion, when the...

5.8AI score
Exploits0
Rows per page
Query Builder