Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2026/04/27 7:48 p.m.146 views

Exploit for Improper Access Control in Nodejs Node.Js

CVE-2026-21636 - Node.js Permission Model UDS/Network Bypass...

10CVSS6.6AI score0.00663EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-34599

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00763EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/01 9:20 p.m.14 views

marimo vulnerable to proxy abuse of /mpl/{port}/

Summary The /mpl// endpoint, which is accessible without authentication on default Marimo installations allows for external attackers to reach internal services and arbitrary ports. Details From our understanding, this route is used internally to provide access to interactive matplotlib...

7.7AI score
Exploits0References5Affected Software1
CVE
CVE
added 2025/06/23 8:42 p.m.92 views

CVE-2025-2828

CVE-2025-2828 describes an SSRF flaw in the RequestsToolkit of langchain-ai/langchain (langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) affecting version 0.0.27. The vulnerability arises from insufficiently restricted requests to remote internet addresses, enabling an attacker ...

10CVSS8.3AI score0.14059EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2025/01/21 7:58 p.m.21 views

Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify

Summary This vulnerability allows a user to maneuver the Webfinger mechanism to perform a GET request to any internal resource on any Host, Port, URL combination regardless of present security mechanisms, and forcing the victim’s server into an infinite loop causing Denial of Service. Moreover,...

5.4CVSS7.1AI score0.00572EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/10/04 12:0 a.m.3 views

CVE-2022-30613

IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366...

5.5CVSS5.8AI score0.00189EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/08/17 5:15 p.m.3 views

CVE-2019-13069

extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service...

7.8CVSS7.1AI score0.01171EPSS
Exploits3References2
Rows per page
Query Builder