Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
CVE
CVE
added 2025/09/19 3:21 p.m.14 views

CVE-2025-59344

AliasVault API <= 0.23.0 is affected by an SSRF in the favicon extraction flow. The extractor fetches a user-supplied URL, parses HTML, and follows . It validates the initial URL to HTTP(S) default ports but follows redirects and does not block loopback/internal IP ranges, allowing an authenti...

7.7CVSS6.7AI score0.00299EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/13 1:7 a.m.13 views

Traefik Missing Authentication

Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable...

7.5CVSS7.2AI score0.02868EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/08/13 12:0 a.m.27 views

FreeBSD : froxlor -- database password information leak (9ee72858-4159-11e5-93ad-002590263bf5)

[email protected] reports : An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

9.8CVSS8.6AI score0.03144EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2015/07/29 12:0 a.m.27 views

froxlor -- database password information leak

[email protected] reports: An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

9.8CVSS9.3AI score0.03144EPSS
Exploits0References2
Rows per page
Query Builder