Lucene search
K

126628 matches found

AlpineLinux
AlpineLinux
added 2026/04/01 12:0 a.m.5 views

CVE-2026-25834

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...

6.5CVSS5.8AI score0.00135EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29824

Summary run python in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "" and passing it to subprocess.run..., shell=True. The escaping logic only handles and ", leaving $ and backtick substitutions unescaped, allowing arbitrary OS command executio...

7.8CVSS6.3AI score0.00545EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.12 views

Amazon Linux 2023 : python3.13-tornado (ALAS2023-2026-1528)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1528 advisory. Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied reason phrase is used unescaped in HTTP headers where it could be used for head...

8.7CVSS6.6AI score0.00396EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/04/01 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2026-99de392ccb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.9AI score0.00379EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/01 12:0 a.m.2 views

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' in the TLS 1.3 session resumption logic if the subsequent ClientHello negotiates TLS 1.2 back. An attacker can gain unauthorized access by impersonating a...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 11:15 p.m.2 views

GHSA-4WWR-7H7C-CHQR AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking

Summary AVideo's admin plugin configuration endpoint admin/save.json.php lacks any CSRF token validation. There is no call to isGlobalTokenValid or verifyToken before processing the request. Combined with the application's explicit SameSite=None cookie policy, an attacker can forge cross-origin...

8.1CVSS6.1AI score0.00233EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/31 11:15 p.m.5 views

AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking

Summary AVideo's admin plugin configuration endpoint admin/save.json.php lacks any CSRF token validation. There is no call to isGlobalTokenValid or verifyToken before processing the request. Combined with the application's explicit SameSite=None cookie policy, an attacker can forge cross-origin...

8.1CVSS6.1AI score0.00233EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2026/03/31 11:10 p.m.3 views

Access Control Bypass

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Access Control Bypass due to improper enforcement of access control in the admmyfiles directory when Apache is configured with...

8.7CVSS5.8AI score0.00575EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/31 11:10 p.m.3 views

Admidio allows Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Summary Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently ignore all .htaccess files. As a result, any file uploaded to the documents module regardles...

7.5CVSS5.9AI score0.00575EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/31 11:10 p.m.2 views

GHSA-7FH7-8XQM-3G88 Admidio allows Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Summary Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently ignore all .htaccess files. As a result, any file uploaded to the documents module regardles...

7.5CVSS5.9AI score0.00575EPSS
Exploits1References4
OSV
OSV
added 2026/03/31 10:53 p.m.6 views

GHSA-VV7Q-7JX5-F767 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

Technical Description The OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the buildurl method. When an OpenAPI...

10CVSS6AI score0.00988EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/03/31 10:53 p.m.9 views

FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

Technical Description The OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the buildurl method. When an OpenAPI...

10CVSS6AI score0.00988EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/03/31 10:27 p.m.1 views

GHSA-QXMC-6F24-G86G baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)

Summary In the core update functionality of baserCMS, some parameters sent from the admin panel are passed to the exec function without proper validation or escaping. This issue allows an authenticated CMS administrator to execute arbitrary OS commands on the server Remote Code Execution, RCE. Th...

9.1CVSS6.5AI score0.02282EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/03/31 10:27 p.m.5 views

baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)

Summary In the core update functionality of baserCMS, some parameters sent from the admin panel are passed to the exec function without proper validation or escaping. This issue allows an authenticated CMS administrator to execute arbitrary OS commands on the server Remote Code Execution, RCE. Th...

9.1CVSS6.5AI score0.02282EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/03/31 9:16 p.m.4 views

CVE-2026-34739

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

6.1CVSS0.0022EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 9:16 p.m.13 views

CVE-2026-34611

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the platform. While the endpoint verifies admin session status, it does not validate a CSRF token...

6.5CVSS0.00157EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 9:16 p.m.6 views

CVE-2026-34613

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugin...

6.5CVSS0.00201EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 9:16 p.m.7 views

CVE-2026-34381

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

7.5CVSS0.00575EPSS
Exploits1References2
NVD
NVD
added 2026/03/31 9:16 p.m.11 views

CVE-2026-34394

WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's admin plugin configuration endpoint admin/save.json.php lacks any CSRF token validation. There is no call to isGlobalTokenValid or verifyToken before processing the request. Combined with the application's explicit...

8.1CVSS0.00233EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/31 8:56 p.m.4 views

CVE-2026-34739

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

6.1CVSS6AI score0.0022EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder