
7 matches found

RedhatCVE
•added 2026/03/26 3:3 p.m.•5 views

CVE-2026-32097

PingPong is a platform for using large language models (LLMs) for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...

CVSS 8.8, AI score 5.8, EPSS 0.00288
Exploits: 0, References: 1
Positive Technologies
•added 2026/03/11 12:0 a.m.•3 views

PT-2026-24816

🚨 CVE-2026-32097 PingPong is a platform for using large language models (LLMs) for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files,...

CVSS 8.8, AI score 5.7, EPSS 0.00288
Exploits: 0, References: 6
Vulnrichment
•added 2025/12/17 10:44 p.m.•4 views

CVE-2023-53930 ProjectSend r1605 Insecure Direct Object Reference File Download Vulnerability

ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.p...

CVSS 7.5, AI score 6.6, EPSS 0.00323
Exploits: 1, References: 3
Cvelist
•added 2025/12/17 10:44 p.m.•22 views

CVE-2023-53930 ProjectSend r1605 Insecure Direct Object Reference File Download Vulnerability

ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.p...

CVSS 7.5, EPSS 0.00323
Exploits: 1, References: 3
Snyk
•added 2022/11/28 10:31 a.m.•3 views

Directory Traversal

Overview: static-dev-server is a simple HTTP server to serve static resource files from a local directory and auto-reload when files change. Affected versions of this package are vulnerable to Directory Traversal. This is because when paths from users to the root directory are joined, the assets...

CVSS 7.5, AI score 7.4, EPSS 0.00959
Exploits: 1, References: 2
CNNVD
•added 2022/11/01 12:0 a.m.•70 views

GitHub Enterprise Server security vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server 3.6 and earlier versions, which...

CVSS 5.7, AI score 5.9, EPSS 0.00634
Exploits: 0, References: 6
ATTACKERKB
•added 2022/06/07 7:15 p.m.•4 views

CVE-2022-30731

Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application...

CVSS 5.5, AI score 5.9, EPSS 0.0019
Exploits: 0, References: 2