Lucene search
K

25 matches found

Nuclei
Nuclei
added 2026/06/15 7:3 a.m.85 views

Gitea Container Registry - Unauthorized Private Image Access

Gitea = 1.26.2. As a temporary workaround, set REQUIRESIGNINVIEW=true in gitea app.ini, though this blocks all anonymous access including public repos. reference: - https://blog.gitea.com/release-of-1.26.2/ - https://github.com/go-gitea/gitea/pull/37290 -...

5.7AI score0.00044EPSS
Exploits1References4
OSV
OSV
added 2026/05/11 4:17 p.m.7 views

PYSEC-2026-150

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, the Documents and Images API incorrectly listed items in private collections. A user with access to the API could see the filename and name of documents and images in private collections. This...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/08 8:21 p.m.13 views

Improper Handling of Insufficient Permissions or Privileges

Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the API for documents and images. A user with access to the API can access filenames and names of items...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-1606

Malware in sbrugna...

5CVSS6.2AI score0.02401EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-1990

Malicious code in bioql PyPI...

3.5CVSS4.2AI score0.01172EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/08/08 11:44 p.m.3 views

SUSE CVE-2015-7561

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image...

3.1CVSS6.9AI score0.01172EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.6 views

SUSE CVE-2010-1190

thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as imgauth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations...

4.3CVSS6.9AI score0.01429EPSS
Exploits0References4
Snyk
Snyk
added 2022/05/24 5:21 p.m.2 views

Information Exposure

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Information Exposure via the imgauth.php process. ...

6.9CVSS6.8AI score0.01302EPSS
Exploits0References2
OSV
OSV
added 2022/05/13 1:9 a.m.9 views

GHSA-2H9C-34V6-3QMR Kubernetes in OpenShift3 Access Control Misconfiguration

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image...

3.1CVSS3.2AI score0.01172EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/13 1:9 a.m.27 views

Kubernetes in OpenShift3 Access Control Misconfiguration

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image...

3.5CVSS6.6AI score0.01172EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2017/08/08 12:0 a.m.3 views

Red Hat OpenShift3 Kubernetes Sensitive Information Disclosure Vulnerability

Red Hat OpenShift3 is a Platform-as-a-Service PaaS cloud computing platform that builds, tests, deploys and runs applications. A security vulnerability in Red Hat OpenShift3 Kubernetes allows remote attackers to exploit the vulnerability by submitting a special request to access images that are...

3.5CVSS4.4AI score0.01172EPSS
Exploits0References1
NVD
NVD
added 2017/08/07 5:29 p.m.21 views

CVE-2015-7561

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image...

3.5CVSS3.7AI score0.01172EPSS
Exploits0References2
Prion
Prion
added 2017/08/07 5:29 p.m.18 views

Code injection

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image...

3.5CVSS6.7AI score0.01172EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/07 5:0 p.m.71 views

CVE-2015-7561

CVE-2015-7561 in Kubernetes/OpenShift3: remote authenticated users can access other users’ private images if they know the image name. The description provided notes the impact as cross-user image access, but the documents do not specify the root cause details (e.g., how image ownership is enforc...

3.5CVSS3.8AI score0.01172EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2017/08/07 5:0 p.m.26 views

CVE-2015-7561

Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image...

3.6AI score0.01172EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2017/08/07 12:0 a.m.4 views

PT-2017-7225 · Red Hat +1 · Openshift +1

Name of the Vulnerable Software and Affected Versions: OpenShift3 affected versions not specified Description: The issue allows remote authenticated users to access private images of other users if they know the image name. This is due to an access control misconfiguration in Kubernetes within...

3.5CVSS6.6AI score0.01172EPSS
Exploits0References8
NVD
NVD
added 2012/10/01 12:55 a.m.27 views

CVE-2012-1591

The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles...

5CVSS6.4AI score0.02401EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2012/10/01 12:55 a.m.36 views

CVE-2012-1591

The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles...

5CVSS5.9AI score0.02401EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/10/01 12:0 a.m.36 views

CVE-2012-1591

The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles...

6.4AI score0.02401EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2012/10/01 12:0 a.m.39 views

CVE-2012-1591

Removed by vendor...

5CVSS6.8AI score0.02401EPSS
Exploits0
Rows per page
Query Builder