Lucene search
K

88 matches found

CNNVD
CNNVD
added 2026/04/21 12:0 a.m.12 views

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained code vulnerabilities. These vulnerabilities stemmed from the isSSRFSafeURL function in objects/functions.php, which had a short-circuit syntax within the same...

7.7CVSS5.9AI score0.003EPSS
Exploits1References1
NVD
NVD
added 2026/04/09 5:16 p.m.11 views

CVE-2026-39974

n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...

8.5CVSS0.00316EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-30739

Name of the Vulnerable Software and Affected Versions Open edX Platform affected versions not specified Description The Open edX Platform allows for the creation and delivery of online learning content. The view survey API endpoint is susceptible to an open redirect issue due to the lack of...

6.1CVSS5.8AI score0.00223EPSS
Exploits1References6
OSV
OSV
added 2026/03/26 6:8 p.m.6 views

GHSA-G39V-QRJ6-JXRH AVideo: IDOR in AI Plugin Allows Stealing Other Users' AI-Generated Metadata and Transcriptions

Summary The AI plugin's save.json.php endpoint loads AI response objects using an attacker-controlled $REQUEST'id' parameter without validating that the AI response belongs to the specified video. An authenticated user with AI permissions can reference any AI response ID — including those generat...

4.3CVSS5.9AI score0.00214EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:44 p.m.5 views

CVE-2026-33911

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the POST parameter title is reflected back in a JSON response built with jsonencode. Because the response is served with a text/html Content-Type, the browser...

5.4CVSS6AI score0.00228EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/12 2:23 p.m.9 views

SiYuan has a Full-Read SSRF via /api/network/forwardProxy

Summary The /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and headers. There is no URL validation to prevent requests to...

8.3CVSS5.9AI score0.00278EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/02/23 8:28 p.m.6 views

CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS5.9AI score0.00586EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/02/23 7:39 p.m.2 views

CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS5.7AI score0.00586EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/02/16 3:32 p.m.6 views

Mattermost fails to properly validate team membership when processing channel mentions

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to properly validate team membership when processing channel mentions which allows authenticated users to determine the existence of teams and their URL names via posting channel shortlinks and observing the...

4.3CVSS5.5AI score0.00162EPSS
Exploits0References4Affected Software2
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.152 views

📄 Django Summernote 0.8.20.0 Unrestricted File Upload Scanner

This Metasploit Auxiliary Scanner module detects unrestricted file upload vulnerabilities in django-summernote. It targets misconfigurations where image validation depends on the Pillow library and allows non-image files to be uploaded when Pillow is missing. The module safely scans common upload...

5.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-3383

Malware in sbrugna...

5CVSS6.4AI score0.02149EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-4181

Malicious code in bioql PyPI...

4CVSS4.2AI score0.00442EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/09/04 3:42 a.m.8 views

Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

...

3.9CVSS6.7AI score0.00355EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-16779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would lea...

5.9CVSS5.8AI score0.014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-32366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ConnMan through 1.44, parserr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohsrr-rdlen and...

4.8CVSS5.9AI score0.0035EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/08/04 11:22 p.m.1 views

SUSE CVE-2025-54956

The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request...

3.2CVSS7AI score0.0014EPSS
Exploits0References3
OSV
OSV
added 2025/06/09 6:15 a.m.4 views

CVE-2025-47711

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...

6.5CVSS7AI score0.00361EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/06/04 12:55 p.m.4 views

SUSE CVE-2021-37939

It was discovered that Kibana's JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connecto...

4CVSS4.4AI score0.00442EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/23 12:0 a.m.7 views

PT-2025-48535

Name of the Vulnerable Software and Affected Versions python3.9 python3.11 python3.13 Description When reading an HTTP response from a server, if no read amount is specified, the default behavior is to use Content-Length. This allows a malicious server to cause the client to read large amounts of...

7.8CVSS6.5AI score0.01525EPSS
Exploits0References219
OSV
OSV
added 2024/03/06 10:56 a.m.20 views

BIT-ENVOY-2021-43825 Use-after-free in Envoy

Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered dat...

7.5CVSS7AI score0.00864EPSS
Exploits0References3
Rows per page
Query Builder