Lucene search
K

7 matches found

Snyk
Snyk
added 5 days ago6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the process that handles repository dump creation, which uses release tag names and asset names as filesystem path components. An attacker can manipulate file system paths by providing specially crafted release t...

8.7CVSS6.5AI score0.00181EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/04/29 12:0 a.m.5 views

PrestaShop Version Hunter

psversionhunter.py fingerprints a PrestaShop installation by comparing the versions of its native modules against the module versions bundled with a known PrestaShop release tag. This is useful when a target does not expose the PrestaShop core version directly but still exposes native module...

5.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/27 6:4 p.m.4 views

CVE-2025-15617

Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUBTOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits...

8.3CVSS5.9AI score0.00387EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.8 views

PT-2026-28280

Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commit...

8.3CVSS5.9AI score0.00387EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1715

Malicious code in bioql PyPI...

6.8CVSS6.2AI score0.00787EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22172

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page CVE-2021-22172...

4.3CVSS5AI score0.01023EPSS
Exploits1References2
OSV
OSV
added 2024/03/06 12:40 p.m.8 views

CLSA-2024-1709728814 Update of linux-firmware

Update AMD CPU microcode to 2023-12-05: - Update AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10; - Fix adding AMD CPU microcode for processor family 19h; - Fix release...

5.8AI score
Exploits0References1
Rows per page
Query Builder