
7 matches found

CVE
added 2025/12/18 4:20 p.m. | 8 views

CVE-2025-14896

CVE-2025-14896 affects Vega. The issue is insufficient sanitization in Vega’s convert() function when safeMode is enabled and the diagram spec is an array. An attacker can craft a malicious Vega diagram specification that can cause requests to arbitrary URLs, including local filesystem paths, pot...

8.7 CVSS | 6.2 AI score | 0.0025 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2023/10/02 11:2 p.m. | 16 views

CVE-2023-28373 FlashArray SafeMode Immutable Vulnerability

A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...

4.4 CVSS | 6.7 AI score | 0.00434 EPSS
Exploits: 0 | References: 1

Cvelist
added 2020/11/23 7:35 p.m. | 36 views

CVE-2020-15247 Twig Sandbox Escape by authenticated users with access to editing CMS templates when safemode is enabled.

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be...

5.2 CVSS | 5.8 AI score | 0.0029 EPSS
Exploits: 0 | References: 2

OSV
added 2018/08/08 10:29 p.m. | 6 views

GHSA-44VC-FPCG-5CC5 Moderate severity vulnerability that affects safemode

Withdrawn, accidental duplicate publish. The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method...

8.1 CVSS | 7.8 AI score | 0.02131 EPSS
Exploits: 0 | References: 2

OSV
added 2018/08/08 10:29 p.m. | 3 views

GHSA-8474-RC7C-WRHP High severity vulnerability that affects safemode

Withdrawn, accidental duplicate publish. The safemode rubygem, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privileg...

9.8 CVSS | 9.7 AI score | 0.01627 EPSS
Exploits: 0 | References: 2

exploitpack
added 2001/06/30 12:0 a.m. | 20 views

PHP 4.x - SafeMode Arbitrary File Execution

PHP 4.x - SafeMode Arbitrary File Execution source: https://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, an...

Exploits: 0

Exploit DB
added 2001/06/30 12:0 a.m. | 36 views

PHP 4.x - SafeMode Arbitrary File Execution

source: https://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, and potentially unauthorized access to...

7.4 AI score
Exploits: 0