Lucene search
K

7 matches found

EUVD
EUVD
added 2026/06/23 3:41 p.m.7 views

EUVD-2026-38471

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions o...

6CVSS6AI score0.00316EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/02/23 12:0 a.m.137 views

📄 Termius 9.9.0 Remote Code Execution

This Metasploit module demonstrates a remote code execution vulnerability in the Termius Electron application caused by an exposed symbol in the global JavaScript Symbol Registry. By accessing a shared Symbol.for key that unintentionally references preloaded Node.js modules, attacker-controlled...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 12:41 a.m.2 views

Malicious code in complex-jade-tern (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 815a719b585b622b13ca83a1818128b59319277cbb85f5dbc1326fde0604a5a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2024/02/28 6:19 p.m.4 views

DRUPAL-CONTRIB-2024-012

This module gives each node a 'private' checkbox. If it's set, the node can only be seen by the node author, or users with the 'access private content' permission. The module incorrectly grants access to private nodes under certain specific circumstances. This vulnerability is mitigated by the fa...

5.5CVSS6.7AI score0.00182EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/04/21 12:58 a.m.32 views

Monero: Unix time unlock_time values have dangerous validation rules enabling a number of exploits

Initially found by TheCharlatan, discussed with and expanded on by Isthmus, impacts all releases of monero and monero wallets Description The unlocktime field in monero transaction dictates when a transaction's outputs can be spent again. This rule is enforced by the consensus code in...

6.5AI score
Exploits0
CNVD
CNVD
added 2020/03/09 12:0 a.m.3 views

SAP NetWeaver AS Java Information Disclosure Vulnerability (CNVD-2020-18535)

SAP NetWeaver Application Server Java is a German SAP SAP company provides a Java runtime environment of the application server. The product is mainly used to develop and run Java EE applications. An information disclosure vulnerability exists in SAP NetWeaver AS Java. An attacker can exploit thi...

5.8CVSS6.2AI score0.00896EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/09 12:0 a.m.2 views

SROS 2 Information Disclosure Vulnerability

SROS 2 is a tool for generating and distributing SROS keys. SROS 2 suffers from an information disclosure vulnerability. An attacker can exploit this vulnerability to disclose information about the nodes associated with ROS 2...

7.5CVSS6.2AI score0.02146EPSS
Exploits1References1
Rows per page
Query Builder