Lucene search
K

4331 matches found

RubySec
RubySec
added 2026/05/27 12:0 a.m.64 views

Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion

Impact PROXY protocol support for Puma was added in version 5.5.0. When PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer. It waits for "\r\n" to determine whether a PROXY v1 line is present. If an attacker opens a TCP connection and continuously sends bytes...

5.8AI score0.0007EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/22 10:16 p.m.24 views

CVE-2026-41075

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing th...

8.8CVSS0.00344EPSS
Exploits0References3
CVE
CVE
added 2026/05/22 9:17 p.m.48 views

CVE-2026-41075

RT (Request Tracker) is affected by an SQL injection in the JSON search path via the entry_aggregator parameter. Affected versions: 5.0.0–5.0.9 and 6.0.0–6.0.2. Root cause: input incorporated into queries without proper validation, enabling authenticated users to read or modify RT database data. ...

8.8CVSS5.8AI score0.00344EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-42837

Name of the Vulnerable Software and Affected Versions RT versions 5.0.0 through 5.0.9 RT versions 6.0.0 through 6.0.2 Description An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing them to read or modify data in the...

8.8CVSS5.9AI score0.00344EPSS
Exploits0References19
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. In versions prior to 8.0.3, as well as in 7.4.5, 7.2.10, and 6.2.19, an authenticated user could use a specially crafted string to trigger an out-of-bounds write operation on the hyperloglog data structure, potentially leadin...

7.8CVSS5.7AI score0.03877EPSS
Exploits4References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation of the Pointer Lock feature in Google Chrome on Mac before version 105.0.5195.52 allowed a remote attacker to restrict user navigation through a crafted HTML page...

4.3CVSS6.8AI score0.00522EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 3:59 p.m.6 views

Privilege Dropping / Lowering Errors

Overview Affected versions of this package are vulnerable to Privilege Dropping / Lowering Errors in the metrics exporter. An attacker can gain PostgreSQL superuser privileges and execute arbitrary OS commands as the postgres user inside the primary pod by exploiting the ability to plant shadow...

9.9CVSS6.7AI score0.0048EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/06 9:59 p.m.9 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the GET /api/v1/stable/dags/tasks endpoint via improper tenant checks in the listTasksByDAGIds function. An attacker can access sensitive task metadata belonging to other tenants by...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/05 4:50 p.m.8 views

EUVD-2026-27414

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.7CVSS6.2AI score0.01331EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/05 4:39 p.m.7 views

EUVD-2026-27398

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

6.1CVSS6.1AI score0.01782EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.16 views

PT-2026-37091

Name of the Vulnerable Software and Affected Versions Langchain-Chatchat versions prior to 0.3.1.4 Description An issue exists in the Uploaded File Handler component within the get file id function of the file libs/chatchat-server/chatchat/server/api server/openai routes.py. Manipulation of this...

2.6CVSS5.7AI score0.00235EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.10 views

PT-2026-37087

Name of the Vulnerable Software and Affected Versions OpenCMS versions prior to 21 Description The Admin Import DB feature is susceptible to XML External Entity XXE, a flaw where an application processes XML input containing a reference to an external entity, potentially allowing unauthorized...

9.8CVSS5.8AI score0.003EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/05/04 10:17 a.m.8 views

CVE-2026-41263

A flaw was found in Traefik. A remote attacker can exploit a timing side-channel vulnerability in Traefik's BasicAuth middleware. This flaw allows an attacker to enumerate valid usernames by observing differences in authentication response times. The vulnerability arises because a constant-time...

6.3CVSS5.7AI score0.00369EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.11 views

PT-2026-36976

Name of the Vulnerable Software and Affected Versions OpenMRS Core versions prior to 2.7.9 OpenMRS Core versions 2.8.0 through 2.8.5 Description The module upload endpoint 'POST /openmrs/ws/rest/v1/module' is susceptible to a Zip Slip path traversal attack. This occurs during the automatic...

9.4CVSS6.2AI score0.00853EPSS
Exploits1References6
Patchstack
Patchstack
added 2026/05/01 9:16 a.m.6 views

WordPress Restrict – membership, site, content and user access restrictions for WordPress plugin <= 2.3.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Restrict versions = 2.3.0...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/28 12:27 p.m.10 views

CVE-2026-6993

A flaw was found in go-kratos kratos. A remote attacker could exploit a vulnerability in the HTTP server's NewServer function, specifically within the http.DefaultServeMux Fallback Handler. This manipulation creates an unintended intermediary, which can lead to the disclosure of sensitive...

6.9CVSS5.5AI score0.00315EPSS
Exploits0References10
Snyk
Snyk
added 2026/04/25 6:30 p.m.9 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the NewServer function in the HTTP server, specifically within the http.DefaultServeMux Fallback Handler. An attacker can access sensitive information by sending crafted HTTP requests that trigger the unintend...

6.9CVSS5.8AI score0.00315EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.14 views

PT-2026-37175

Name of the Vulnerable Software and Affected Versions nova-toggle-5 versions prior to 1.3.0 Description The toggle endpoint "POST /nova-vendor/nova-toggle/toggle/resource/resourceId" was protected only by web and auth: middleware. This allowed any user authenticated on the configured guard to fli...

6.5CVSS6AI score0.00201EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/23 2:53 p.m.9 views

CVE-2026-33999

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.0038EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/21 11:46 a.m.6 views

CVE-2026-39946

A flaw was found in OpenBao. When OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, it failed to use proper database quoting on schema names. This oversight could lead to role revocation failures or, in rarer instances, allow a management user to perform SQL injectio...

4.9CVSS5.8AI score0.00235EPSS
Exploits0References4
Rows per page
Query Builder