Lucene search
+L

12 matches found

OSV
OSV
added 2026/03/20 11:6 p.m.6 views

CVE-2026-33423 Discourse staff can modify any user's group notification level

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, staff can modify any user's group notification level. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No known workarounds are available...

5.3CVSS5.9AI score0.00198EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/20 6:18 p.m.7 views

CVE-2026-23646

OpenProject is an open-source, web-based project management software. Users of OpenProject versions prior to 16.6.5 and 17.0.1 have the ability to view and end their active sessions via Account Settings → Sessions. When deleting a session, it was not properly checked if the session belongs to the...

6.5CVSS5.6AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.4 views

CVE-2023-25573

metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in /api/jmeter/download/files, which allows any user to download any file without authentication. This issue may expose all files available to the running process. This...

8.6CVSS6.8AI score0.49851EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-24775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new...

7.5CVSS7.2AI score0.02384EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/16 12:0 a.m.8 views

PT-2023-8853

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.0.2106 Description The issue is related to the function win close in the text editor Vim, where it may try to access an already freed window structure when closing a window. This could potentially allow an attacker to...

5CVSS6.5AI score0.00749EPSS
Exploits0References95
OSV
OSV
added 2022/02/24 7:55 p.m.7 views

CVE-2022-24709 Cross site scripting in @awsui/components-react

@awsui/components-react is the main AWS UI package which contains React components, with TypeScript definitions designed for user interface development. Multiple components in versions before 3.0.367 have been found to not properly neutralize user input and may allow for javascript injection. Use...

8.8CVSS7AI score0.00692EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/12/24 12:0 a.m.224 views

GLSA-202012-20 : Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202012-20 Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE identifiers referenced below for details...

8.8CVSS7.7AI score0.01876EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2019/09/03 12:0 a.m.42 views

GLSA-201908-29 : Dovecot: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201908-29 Dovecot: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Dovecot. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated remote attacker could send a special...

9.8CVSS8.7AI score0.62579EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/11/13 12:0 a.m.42 views

GLSA-201711-07 : ImageMagick: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201711-07 ImageMagick: Multiple vulnerabilities Multiple vulnerabilities have been discovered in ImageMagick. Please review the referenced CVE identifiers for details. Impact : Remote attackers, by enticing a user to process a...

9.8CVSS6.4AI score0.04018EPSS
Exploits10References44
Gentoo Linux
Gentoo Linux
added 2017/09/17 12:0 a.m.77 views

Git: Command injection

Background Git is a small and fast distributed version control system designed to handle small and large projects. Description Specially crafted ‘ssh://...’ URLs may allow the owner of the repository to execute arbitrary commands on client’s machine if those commands are already installed on the...

8.8CVSS9AI score0.77823EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.33 views

GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201412-17 GPL Ghostscript: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could enti...

9.3CVSS6.2AI score0.07486EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2004/11/16 12:0 a.m.28 views

GLSA-200411-22 : Davfs2, lvm-user: Insecure tempfile handling

The remote host is affected by the vulnerability described in GLSA-200411-22 Davfs2, lvm-user: Insecure tempfile handling Florian Schilhabel from the Gentoo Linux Security Audit Team found that Davfs2 insecurely created .pid files in /tmp. Furthermore, Trustix Secure Linux found that the...

2.1CVSS5.6AI score0.00393EPSS
Exploits0References2
Rows per page
Query Builder