21 matches found
CVE-2026-54350
Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection and, where the builder has published a PUBLIC write...
Budibase has nonymous NoSQL operator injection via published-app query templates
Summary enrichContext at packages/server/src/sdk/workspace/queries/queries.ts:121-138 substitutes parameter values into the raw JSON body of a query, then JSON.parses the result. The validator validateQueryInputs at packages/server/src/api/controllers/query/index.ts:61-71 rejects only Handlebars...
CVE-2026-43880
WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated...
CVE-2026-43880 WWBN AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Allows Phishing from Site's Legitimate From Address
WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated...
CVE-2026-43880
CVE-2026-43880 involves WWBN AVideo’s endpoint objects/sendEmail.json.php, where unauthenticated calls can send emails using the site’s SMTP and the site’s From/Reply-To identity. When contactForm is omitted, an attacker-supplied email becomes the recipient, while the message From/Reply-To uses t...
AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Enables Phishing from the Site’s Legitimate From Address
Summary objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated callers, uses the site's own contact email as the message From:/Reply-To:. The...
PT-2026-37296
Name of the Vulnerable Software and Affected Versions AVideo versions prior to 29.0 Description An issue exists in the 'objects/sendEmail.json.php' endpoint where the absence of the contactForm parameter allows unauthenticated users to send emails to arbitrary recipients. When this parameter is...
EUVD-2025-13305
Malicious code in bioql PyPI...
Unspecified Vulnerability in Gnu Screen
Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from a security vulnerability that stems from a pseudo-terminal default mode change, which can be exploited by an attacker to cau...
GNU Screen 安全漏洞
Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from a security vulnerability that stems from a pseudo-terminal default mode change, which can be exploited by an attacker to cau...
CVE-2025-0782
A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability...
CVE-2025-0782
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-0782
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-0782
CVE-2025-0782 is tied to a vulnerability in the S3 bucket configuration used by h2oai/h2o-3, where public write access to the bucket named “h2o-release” could allow an attacker to overwrite any file and potentially enable remote code execution for users downloading binaries. The primary exploit v...
CVE-2025-0782
...
PT-2025-18919 · H2O.Ai · H2O-3
Name of the Vulnerable Software and Affected Versions: h2oai/h2o-3 affected versions not specified Description: A vulnerability in the S3 bucket configuration allows public write access to the 'h2o-release' bucket. This could enable an attacker to overwrite any file in the bucket, potentially...
The vulnerability of Cisco IOS XR operating systems arises from the lack of control over public write permissions for installed application files. This allows attackers to circumvent existing security restrictions.
The vulnerability of Cisco IOS XR operating systems lies in the lack of control over public write permissions for installed application files. Exploiting this vulnerability can allow a perpetrator to circumvent existing security restrictions...
The vulnerability of the validation component of the Aurora operating system, related to the lack of control over public rights to write the installed application files, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the validation component of the “Aurora” operating system is related to the lack of control over public rights to write the files that are installed by applications. Exploiting this vulnerability can lead to violations of data confidentiality, integrity, and accessibility...
PT-2024-6136 · Аврора · Аврора
Name of the Vulnerable Software and Affected Versions: Аврора affected versions not specified Description: The issue is related to a component validation vulnerability in the Аврора operating system, which is caused by the lack of control over public write permissions for installed application...
$100K Paid Out for Google Cloud Shell Root Compromise
Google has awarded its inaugural annual top prize for the Google Cloud Platform GCP, for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...