Lucene search
+L

6 matches found

nvd
nvd
added 2 days ago5 views

CVE-2026-55445

Qinglong is a timed task management platform supporting Python3, JavaScript, Shell, and Typescript. Prior to 2.20.1, the init guard middleware in back/loaders/express.ts checks /api/user/init but not /open/user/init, while rewrite'/open/', '/api/$1' rewrites the whitelisted /open/ path after JWT...

9.3CVSS0.00404EPSS
Exploits0References3
osv
osv
added 2026/06/08 10:16 a.m.13 views

USN-8396-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server modrewrite module incorrectly handled certain privileges. A local attacker could possibly use this issue to obtain sensitive information. CVE-2026-24072 Andrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani discovered that the Apache HTTP...

9.8CVSS5.7AI score0.01376EPSS
Exploits1References5
redhat
redhat
added 2026/04/15 5:31 p.m.3 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.2AI score0.66535EPSS
Exploits4References6
redhat
redhat
added 2025/11/06 4:32 p.m.5 views

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

7.5CVSS7.1AI score0.66535EPSS
Exploits4References6
redhat
redhat
added 2024/07/23 8:57 a.m.3 views

httpd: Potential SSRF in mod_rewrite

A flaw was found in the modrewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the modproxy module...

7.5CVSS7AI score0.35447EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2021/11/10 12:0 a.m.7 views

The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN software allows a attacker to re-record any files.

The vulnerability of the Cisco IOS XE SD-WAN software’s command-line interface is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a attacker to re-write any files at will...

5.5CVSS7AI score0.00242EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder