Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 14 hours ago6 views

CVE-2026-8804

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score
Exploits0References2Affected Software2
CVE
CVE
added 14 hours ago13 views

CVE-2026-8804

The CVE concerns Puppet’s resource_api (bundled with Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x). A vulnerability exists where the sensitive flag on parameters defined via the resource-api is not preserved, causing values such as passwords to be stored in cleartext in the agent’s l...

6.7CVSS5.9AI score
Exploits0References1
EUVD
EUVD
added 14 hours ago4 views

EUVD-2026-41516

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2025/10/17 6:15 p.m.2 views

CVE-2025-62421

DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a stored cross-site scripting vulnerability exists due to improper file upload validation and authentication bypass. The StaticResourceApi interface defines a route upload/fileId that uses a URL path...

6.9CVSS0.0026EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/09/09 8:15 p.m.3 views

CVE-2022-38638

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...

9.1CVSS5.9AI score0.00965EPSS
Exploits1References2
Rows per page
Query Builder