Lucene search
K

34 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.8 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.4AI score0.00356EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 7:47 p.m.25 views

CVE-2026-44843 LangChain: Unsafe deserialization of attacker-controlled LangChain objects through overly broad `load()` allowlists

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call load with...

8.2CVSS6AI score0.00406EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 7:47 p.m.68 views

CVE-2026-44843

LangChain CVE-2026-44843 affects LangChain-core runtimes prior to 0.3.85 and 1.3.3, which use older code paths with broad object allowlists that can revive trusted LangChain-serializable objects via load()/loads() calls. This may let attacker-controlled serialized constructor dictionaries instant...

8.2CVSS6AI score0.00406EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/09 3:23 a.m.7 views

SUSE CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 9:31 a.m.11 views

EUVD-2013-7294

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 8:16 a.m.35 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS0.00356EPSS
Exploits0References2
OSV
OSV
added 2026/05/08 8:16 a.m.6 views

UBUNTU-CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/08 8:16 a.m.8 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/08 7:44 a.m.10 views

CVE-2013-10075 Apache::Session versions through 1.94 for Perl re-creates deleted sessions

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

5.8AI score0.00356EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 7:44 a.m.7 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

5.8AI score0.00356EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-38683

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2013-10075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile...

9.1CVSS5.5AI score0.00356EPSS
Exploits0References3
Veracode
Veracode
added 2025/10/29 10:13 a.m.5 views

Client-Side Path Traversal

Nuxt is vulnerable to Client-Side Path Traversal. The vulnerability is due to improper validation of user-controlled data within the Island payload revival mechanism, which allows an attacker to craft malicious nuxtisland objects that manipulate client-side requests to arbitrary endpoints within...

3.1CVSS7.1AI score0.00347EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/19 7:23 p.m.5 views

CVE-2025-59414

Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...

3.1CVSS6.6AI score0.00347EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/09/17 8:42 p.m.6 views

Nuxt has Client-Side Path Traversal in Nuxt Island Payload Revival

Summary A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specific prerendering conditions are met. Technical Details The vulnerability occurs in...

3.1CVSS6.5AI score0.00347EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2025/09/17 7:43 p.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the client-side Island payload revival process. An attacker can access unauthorized files or endpoints by crafting a malicious nuxtisland object containing path traversal sequences, which are then deserialized an...

3.1CVSS7.4AI score0.00347EPSS
Exploits1References2
NVD
NVD
added 2025/09/17 7:15 p.m.8 views

CVE-2025-59414

Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...

3.1CVSS0.00347EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/17 6:39 p.m.1 views

CVE-2025-59414 Nuxt Client-Side Path Traversal in Nuxt Island Payload Revival

Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...

3.1CVSS6.2AI score0.00347EPSS
Exploits1References2
CVE
CVE
added 2025/09/17 6:39 p.m.30 views

CVE-2025-59414

Nuxt (Vue.js framework) exposes a client-side path traversal in the Island payload revival during prerendering. The vulnerability occurs in the revive-payload.client.ts flow when serialized __nuxt_island objects trigger Island fetches via /__nuxt_island/${key}.json, with key potentially containin...

3.1CVSS6.2AI score0.00347EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/09/17 6:39 p.m.5 views

CVE-2025-59414 Nuxt Client-Side Path Traversal in Nuxt Island Payload Revival

Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...

3.1CVSS6.3AI score0.00347EPSS
Exploits1References4
Rows per page
Query Builder