
8 matches found

CVE
added 2026/06/22 10:9 p.m. | 32 views

CVE-2026-54236

CVE-2026-54236 affects vLLM versions before 0.23.1rc0. Five code paths bypass the sanitize_message global exception handler, leaking heap addresses via exception messages: (1) Anthropic API router POST /v1/messages and POST /v1/messages/count_tokens (vllm/entrypoints/anthropic/api_router.py), (2)...

CVSS 5.3 | AI score 5.9 | EPSS 0.00796
Exploits 1 | References 3 | Affected Software 1
EUVD
added 2026/06/10 12:31 a.m. | 12 views

EUVD-2026-35877

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a userid parameter in the request. Attackers can pass another user's identifier to the...

CVSS 8.6 | AI score 5.6 | EPSS 0.00294
Exploits 0 | References 4
Positive Technologies
added 2026/03/19 12:0 a.m. | 5 views

PT-2026-26427

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2026.3.0-latest.1; Discourse versions prior to 2026.2.1; Discourse versions prior to 2026.1.2. Description: Discourse, an open-source discussion platform, has authorization issues within its chat direct message API...

CVSS 5.4 | AI score 5.9 | EPSS 0.00156
Exploits 0 | References 4
Tenable Nessus
added 2024/11/14 12:0 a.m. | 9 views

Fedora 41 : webkitgtk (2024-b142cc07d0)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b142cc07d0 advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

CVSS 6.5 | AI score 7.5 | EPSS 0.00915
Exploits 0 | References 3
Tenable Nessus
added 2024/10/08 12:0 a.m. | 20 views

Fedora 39 : webkitgtk (2024-e1357fc22f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e1357fc22f advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

CVSS 6.5 | AI score 7.5 | EPSS 0.00915
Exploits 0 | References 3
CNNVD
added 2024/01/25 12:0 a.m. | 5 views

kafka-ui OS Command Injection Vulnerability

kafka-ui is an open source Web UI for Apache Kafka. kafka-ui versions 0.4.0 through 0.7.1 contain a vulnerability that could allow a remote attacker to execute arbitrary code via parameter q in /api/clusters/local/topics/messages...

CVSS 8.8 | AI score 7.7 | EPSS 0.85025
Exploits 5 | References 3
Tenable Nessus
added 2020/03/25 12:0 a.m. | 39 views

Fedora 31 : webkit2gtk3 (2020-f25793aac4)

Update to WebKitGTK 2.28.0. - Add API to enable Process Swap on Cross-site Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox...

CVSS 9.8 | AI score 6.7 | EPSS 0.05028
Exploits 0 | References 2
Tenable Nessus
added 2020/03/20 12:0 a.m. | 35 views

Fedora 30 : webkit2gtk3 (2020-f3fa778924)

Update to WebKitGTK 2.28.0. - Add API to enable Process Swap on Cross-site Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox...

CVSS 9.8 | AI score 6.7 | EPSS 0.05028
Exploits 0 | References 2