Lucene search
K

5 matches found

OSV
OSV
added 2026/04/16 11:36 p.m.4 views

BIT-AUTHENTIK-2024-47077 authentik cross-provider token validation problems

authentik is an open-source identity provider. Prior to versions 2024.8.3 and 2024.6.5, access tokens issued to one application can be stolen by that application and used to impersonate the user against any other proxy provider. Also, a user can steal an access token they were legitimately issued...

6.5CVSS5.7AI score0.00417EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-18822

Malware in sbrugna...

9.1CVSS9.2AI score0.0059EPSS
Exploits0References2
NVD
NVD
added 2025/01/29 12:15 p.m.14 views

CVE-2024-54461

The file names constructed within fileselector are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select a document file from that provider while using your app and could...

7.1CVSS0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.5 views

LlamaIndex Code Injection Vulnerability

LlamaIndex is a data framework for LLM applications by the individual developer Jerry Liu. A code injection vulnerability exists in LlamaIndex version 0.9.47, which stems from improper use of the eval function and allows a malicious or compromised LLM hosting provider to execute arbitrary command...

8.8CVSS8.1AI score0.02118EPSS
Exploits1References3
CNVD
CNVD
added 2018/09/17 12:0 a.m.2 views

Tianjin Jin Yi Fang Network Information Technology Co., Ltd. Yi Fang Network APP has information leakage vulnerability

Bfang.com app is the exclusive software for registered users of Tianjin Bfang.com. Covering a wealth of real estate, houses, high-rise, villas, SOHO, stores. CAPTCHA information leakage: This vulnerability is mainly in the registration, the server will return the verification code to the client,...

6.8AI score
Exploits0
Rows per page
Query Builder