Lucene search
K

19 matches found

OSV
OSV
added 3 days ago4 views

GHSA-GVHC-WV3V-7PF8 Kite has an authenticated cluster RBAC bypass in /api/v1/overview

Summary Authenticated Kite users with any role can request /api/v1/overview for a cluster that their roles do not permit by selecting that cluster with x-cluster-name. The overview route is registered before middleware.RBACMiddleware and GetOverview only checks lenuser.Roles 0, so it returns...

4.3CVSS6AI score
Exploits0References2
NVD
NVD
added 4 days ago7 views

CVE-2026-46592

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel CXF SOAP component. The camel-cxf producer selects which SOAP operation to invoke on the backend service from the operationName and operationNamespace Exchange header, whose constant values...

7.5CVSS0.00396EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41842

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel DAPR component. The camel-dapr Dapr Pub/Sub consumer DaprPubSubConsumer copied two fields from each inbound CloudEvent - its Pub/Sub component name and its topic - into the...

6.5CVSS6AI score0.00426EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-46592 Apache Camel: Camel-CXF: The SOAP operation-selection headers used non-Camel-prefixed names (operationName, operationNamespace) that bypass the HTTP header filter, allowing an HTTP client to redirect the invoked SOAP operation

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel CXF SOAP component. The camel-cxf producer selects which SOAP operation to invoke on the backend service from the operationName and operationNamespace Exchange header, whose constant values...

0.00396EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-46592

This CVE concerns Apache Camel CXF SOAP component where the operationName/operationNamespace headers bypass the HTTP header filter, enabling a potential confused-deputy redirection to invoke a different WSDL operation. Affected range: Camel 4.0.0–4.14.8, 4.15.0–4.18.3, 4.19.0–4.21.0. Mitigation: ...

7.5CVSS6AI score0.00396EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 4 days ago4 views

EUVD-2026-41836

Improper Input Validation, Unintended Proxy or Intermediary 'Confused Deputy' vulnerability in Apache Camel CXF SOAP component. The camel-cxf producer selects which SOAP operation to invoke on the backend service from the operationName and operationNamespace Exchange header, whose constant values...

7.5CVSS6AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 2:55 p.m.35 views

CVE-2026-53655 node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)

node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar node-tar applies a PAX extended header's size= record and other PAX overrides to the next header entry of any type, including intermediary metadata headers such as a GNU long-name L or long-link K entry. Per POSIX pax, a PAX extend...

6.9CVSS0.00107EPSS
Exploits1References1
NVD
NVD
added 2026/05/14 7:16 a.m.12 views

CVE-2026-3718

The ManageWP Worker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'MWP-Key-Name' HTTP request header in all versions up to, and including, 4.9.31. This is due to insufficient input sanitization and output escaping of attacker-controlled header values. This makes it...

7.2CVSS0.00264EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 6:44 a.m.15 views

EUVD-2026-30246

The ManageWP Worker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'MWP-Key-Name' HTTP request header in all versions up to, and including, 4.9.31. This is due to insufficient input sanitization and output escaping of attacker-controlled header values. This makes it...

7.2CVSS6AI score0.00264EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 9:6 p.m.7 views

GHSA-G49P-4QXJ-88V3 Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution

Description The Note Mark application allows authenticated users to upload assets to notes via POST /api/notes/noteID/assets, where the asset filename is provided through the X-Name HTTP request header. This value is stored directly in the database without any sanitization or validation - no path...

8.6CVSS6.3AI score0.00495EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.21 views

PT-2026-38621

Name of the Vulnerable Software and Affected Versions Note Mark versions 0.13.0 through 0.19.3 Description Authenticated users can upload assets to notes via the "/api/notes/noteID/assets" endpoint. The application stores the asset filename provided in the X-Name HTTP request header directly in t...

8.6CVSS6AI score0.00495EPSS
Exploits0References6
CVE
CVE
added 2025/10/28 2:2 a.m.13 views

CVE-2025-12346

MaxSite CMS

8.8CVSS6.4AI score0.00357EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/10/28 2:2 a.m.5 views

CVE-2025-12346 MaxSite CMS HTTP Header uploads-require-maxsite.php unrestricted upload

A vulnerability was detected in MaxSite CMS up to 109. This vulnerability affects unknown code of the file application/maxsite/admin/plugins/autopost/uploads-require-maxsite.php of the component HTTP Header Handler. Performing manipulation of the argument X-Requested-FileName/X-Requested-FileUpDi...

5.3CVSS6.3AI score0.00357EPSS
Exploits1References6
CNVD
CNVD
added 2021/01/18 12:0 a.m.3 views

Theonedev Onedev Code Issue Vulnerability

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A code issue vulnerabili...

10CVSS7.2AI score0.01198EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.7 views

Theonedev Onedev 代码问题漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A code issue vulnerabili...

10CVSS7.5AI score0.01198EPSS
Exploits0References3
CNVD
CNVD
added 2018/04/10 12:0 a.m.4 views

FiberHome VDSL2 Modem HG 150-UB Security Bypass Vulnerability

FiberHome VDSL2 Modem HG 150-UB is a modem product from China FiberHome. A security vulnerability exists in the FiberHome VDSL2 Modem HG 150-UB. The vulnerability can be exploited to bypass authentication with the 'Cookie: Name=0admin' header...

9.8CVSS7.1AI score0.15255EPSS
Exploits2References1
OSV
OSV
added 2017/01/15 2:59 a.m.2 views

DEBIAN-CVE-2017-5488

Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...

6.1CVSS7.1AI score0.01755EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/11/23 9:34 p.m.6 views

Ceph: RGW returns requested bucket name raw in Bucket response header

A feature in Ceph Object Gateway RGW allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse...

4.3CVSS5.8AI score0.01907EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/10/04 12:0 a.m.5 views

PT-2013-4959 · Apache · Apache Camel

Name of the Vulnerable Software and Affected Versions: Apache Camel versions 2.9.0 through 2.9.6 Apache Camel versions 2.10.0 through 2.10.6 Apache Camel versions 2.11.0 through 2.11.1 Apache Camel version 2.12.0 Description: The issue allows remote attackers to execute arbitrary simple language...

6.8CVSS9.6AI score0.08523EPSS
Exploits0References24
Rows per page
Query Builder