Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.8 views

PT-2026-24434

LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL LinkRepository::create calls HtmlMeta::getFromUrl. The LinkStoreRequest validation rules do not include NoPrivateIpRule, allowing server-si...

7.7CVSS5.8AI score0.00218EPSS
Exploits0References2
ICS
ICS
added 2025/06/05 6:0 a.m.7 views

CyberData 011209 SIP Emergency Intercom

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, cause a denial-of-service condition, or achieve code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

8.1AI score
Exploits0References10
OSV
OSV
added 2019/02/18 11:57 p.m.1 views

GHSA-QX9M-27WH-7FJG Downloads Resources over HTTP in jvminstall

Affected versions of jvminstall insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

9.3CVSS7.5AI score0.01682EPSS
Exploits0References3
OSV
OSV
added 2019/02/18 11:54 p.m.3 views

GHSA-3X83-P476-VV95 Downloads Resources over HTTP in selenium-standalone-painful

Affected versions of selenium-standalone-painful insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

9.3CVSS7.5AI score0.02021EPSS
Exploits0References3
OSV
OSV
added 2019/02/18 11:45 p.m.4 views

GHSA-5PQ8-2Q24-MJ3P Downloads Resources over HTTP in fis-parser-sass-bin

Affected versions of fis-parser-sass-bin insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution o...

9.3CVSS7.5AI score0.01682EPSS
Exploits0References3
Rows per page
Query Builder