Lucene search
K

31 matches found

NVD
NVD
added 2026/04/23 8:16 p.m.6 views

CVE-2026-41275

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle...

7.5CVSS0.00192EPSS
Exploits1References2
Opera Security Advisories
Opera Security Advisories
added 2026/03/06 12:0 a.m.16 views

Busting VPN myths: What a VPN can do for your privacy and what it can’t

Privacy Busting VPN myths: What a VPN can do for your privacy and what it can’t Share March 6th, 2026 If you’re reading this blog, you have probably heard of or used a VPN before. The truth is, VPNs are incredibly useful! They are one of the most effective tools for protecting your online privacy...

8.8CVSS7.2AI score0.01654EPSS
Exploits4References1
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.4 views

TOR Virtual Network Tunneling Tool 0.4.9.5

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/02 12:0 a.m.3 views

TOR Virtual Network Tunneling Tool 0.4.8.17

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2024/07/11 6:0 p.m.20 views

Checking in on the state of cybersecurity and the Olympics

With the 2024 Olympics Opening Ceremony only two weeks away now, there is one thing thats an absolute guarantee of one thing happening during the traditionally unpredictable games: Cyber attacks. Every time there is a new Olympic Games, theres a renewed discussion about how threat actors,...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.3 views

ALCASAR Security Vulnerabilities

ALCASAR is a free open source project from ALCASAR Open Source for managing Internet access on public, business or home networks. A security vulnerability exists in ALCASAR versions prior to 3.6.1 that stems from vulnerability to cross-site request forgery and remote code execution attacks...

9.6CVSS7.9AI score0.00352EPSS
Exploits0References3
Prion
Prion
added 2023/11/02 2:15 p.m.20 views

Design/Logic Flaw

Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could b...

5.8CVSS8.8AI score0.00371EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2021/03/24 2:40 a.m.34 views

[SECURITY] Fedora 33 Update: tor-0.4.5.7-1.fc33

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

7.5CVSS2.4AI score0.02096EPSS
Exploits0
Fedora
Fedora
added 2021/01/02 1:9 a.m.71 views

[SECURITY] Fedora 33 Update: tor-0.4.4.6-1.fc33

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

2.4AI score
Exploits0
Fedora
Fedora
added 2020/11/21 1:46 a.m.17 views

[SECURITY] Fedora 32 Update: tor-0.4.4.6-1.fc32

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

2.4AI score
Exploits0
OSV
OSV
added 2020/09/01 4:15 p.m.20 views

GHSA-MF7C-58Q5-7V65 Downloads Resources over HTTP in npm-test-sqlite3-trunk

Affected versions of npm-test-sqlite3-trunk insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executio...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References2
Fedora
Fedora
added 2020/03/27 10:46 a.m.18 views

[SECURITY] Fedora 30 Update: tor-0.4.2.7-1.fc30

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

2.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/09 10:51 p.m.27 views

CVE-2018-10928

A flaw was found in RPC request using gfs3symlinkreq in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on...

8.8CVSS2.4AI score0.02699EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/09 10:51 p.m.28 views

CVE-2018-10923

It was found that the "mknod" call derived from mknod2 can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node. Mitigation To limit exposure of glust...

8.1CVSS2.6AI score0.01672EPSS
Exploits0References2
Fedora
Fedora
added 2019/03/04 1:51 a.m.23 views

[SECURITY] Fedora 28 Update: tor-0.3.4.11-1.fc28

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

7.5CVSS2.4AI score0.04572EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/09/04 5:52 a.m.33 views

CVE-2018-10929

A flaw was found in RPC request using gfs2createreq in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. Mitigation To limit exposure of gluster server nodes : 1. gluster server should be on LAN and not...

8.8CVSS2.5AI score0.03336EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/09/04 5:51 a.m.29 views

CVE-2018-10904

It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. An attacker can use this flaw to create files and execute arbitrary code. To exploit this, the attacker would require...

8.8CVSS2.7AI score0.03024EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/09/04 5:50 a.m.30 views

CVE-2018-10927

A flaw was found in RPC request using gfs3lookupreq in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. Mitigation To limit exposure of gluster server nodes : 1. gluster server should be on...

8.1CVSS1.5AI score0.02771EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/08/30 10:18 p.m.25 views

CVE-2018-15727

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. Mitigation As per upstream Switch to authentication mechanism other than LDAP or OAuth Grafana...

9.8CVSS2.1AI score0.64284EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/04/24 2:48 p.m.28 views

CVE-2018-1112

It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster client could mount gluster storage volumes. Mitigation 1. Use TLS Authentication to authenticate gluster clients to limit access to gluster...

8.8CVSS2.2AI score0.05374EPSS
Exploits1References2
Rows per page
Query Builder