Lucene search
K

3479 matches found

Nuclei
Nuclei
added yesterday39 views

PaperCut NG - Authentication Bypass

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper...

8.2CVSS7.1AI score0.77388EPSS
Exploits2References3
Snyk
Snyk
added 2026/07/04 11:13 a.m.4 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/ngap to version...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 11:13 a.m.7 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/gmm to version...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-494 Excessive Attack Surface in pyload-ng

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

9.8CVSS5.8AI score0.0072EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-499 pyload-ng vulnerable to RCE with js2py sandbox escape

Summary Any pyload-ng running under python3.11 or below are vulnerable under RCE. Attacker can send a request containing any shell command and the victim server will execute it immediately. Details js2py has a vulnerability of sandbox escape assigned as CVE-2024-28397, which is used by the...

9.8CVSS6.8AI score0.16513EPSS
Exploits22References7
OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-493 pyLoad CNL Blueprint allows Path Traversal through `dlc_path` which leads to Remote Code Execution (RCE)

Summary Path Traversal in pyLoad-ng CNL Blueprint via package parameter allows Arbitrary File Write leading to Remote Code Execution RCE The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside...

9.8CVSS6.6AI score0.01191EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, an...

8.6CVSS6AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 4:16 p.m.12 views

DEBIAN-CVE-2026-54267

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered SSR environments, Angular supports Hydration via...

6.1CVSS5.8AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 4:16 p.m.16 views

CVE-2026-54267

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered SSR environments, Angular supports Hydration via...

8.6CVSS0.00179EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/22 3:30 p.m.12 views

EUVD-2026-38271

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered SSR environments, Angular supports Hydration via...

8.6CVSS5.9AI score0.00179EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/22 3:30 p.m.10 views

CVE-2026-54267

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered SSR environments, Angular supports Hydration via...

8.6CVSS5.8AI score0.00179EPSS
Exploits0
OSV
OSV
added 2026/06/22 3:30 p.m.6 views

CVE-2026-54267 Angular Client Hydration DOM Clobbering & Response-Cache Poisoning

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered SSR environments, Angular supports Hydration via...

8.6CVSS5.9AI score0.00179EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/22 7:3 a.m.14 views

CVE-2026-12804

A flaw was found in lemonldap-ng. A remote attacker could exploit this vulnerability by manipulating the 'url' argument within the SAML Common Domain Cookie Endpoint. This manipulation results in an open redirect, potentially leading to users being redirected to arbitrary malicious websites...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-12804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References3
OSV
OSV
added 2026/06/21 7:16 p.m.4 views

DEBIAN-CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.2AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2026/06/21 7:16 p.m.4 views

UBUNTU-CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.2AI score0.00264EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/21 6:30 p.m.4 views

CVE-2026-12804

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References7
CVE
CVE
added 2026/06/21 6:30 p.m.15 views

CVE-2026-12804

Affected software: lemonldap-ng up to 2.23.0. Vulnerable component/file: lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm within the SAML Common Domain Cookie Endpoint. Root cause: manipulation of the argument url causes an open redirect. Impact: enables remote exploitation; attack vector is ne...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/21 6:30 p.m.9 views

EUVD-2026-38190

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.5AI score0.00264EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/21 6:30 p.m.6 views

CVE-2026-12804 lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect

A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References4
Rows per page
Query Builder