PT-2026-21013
A vulnerability in the application programming interface of the Loki log aggregation and storage system is caused by improper limitation of a pathname to a directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information by means of...
EUVD-2013-6276
Malware in sbrugna...
CVE-2023-6021
LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...
PT-2025-7444 · Gfast · Gfast
Name of the Vulnerable Software and Affected Versions: GFast versions 2 through 3.2. Description: A SQL injection issue was discovered via the SortName parameter at the "/system/loginLog/list" API endpoint. This allows for potential exploitation. Recommendations: For versions 2 through 3.2, as a...
Path Traversal
Ray is vulnerable to Path Traversal. The vulnerability is due to improper validation or sanitization of user input in the log API endpoint, allowing attackers to specify arbitrary file paths and access unauthorized files on the server...
Harbor SQL Injection Vulnerability
Harbor is an open source registry from Harbor Open Source. Artifacts are protected through policies and role-based access control, ensuring that images are scanned and free of vulnerabilities, and signing images as trusted. A SQL injection vulnerability exists in Harbor v2.8.4, v2.9.2, and v2.10....
PT-2024-19294
Name of the Vulnerable Software and Affected Versions: Harbor versions 2.8.1 through 2.8.5; Harbor versions 2.9.0 through 2.9.3; Harbor versions 2.10.0 through 2.10.1. Description: A SQL Injection issue allows users with administrator, project admin, or project maintainer roles to execute any Postgres...
GHSA-3PWW-QVR8-6MHP Ray Path Traversal vulnerability
LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...
Ray Path Traversal vulnerability
LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...
CVE-2013-6472
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists...