Lucene search
K

31 matches found

Wolfi
Wolfi
added 2026/04/11 2:51 a.m.8 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: flux, omnibump, sftpgo-plugin-eventsearch, rabbitmq-messaging-topology-operator, flux-notification-controller, stakater-reloader, dgraph, flux-image-reflector-controller, github-mcp-server, karpenter, osv-scanner, apko, aws-load-balancer-controller,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.11 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: pdfcpu, grafana-mimir, tetragon, chart-testing, crossplane-provider-azure-sql, seaweedfs, container-object-storage-interface, wgcf, cloud-provider-vsphere, nri-mongodb, addon-resizer, vault-benchmark, doppler-kubernetes-operator, mongodb-kubernetes-operator,...

7.5CVSS7.1AI score0.00349EPSS
Exploits0
OSV
OSV
added 2026/04/01 9:33 a.m.1 views

CLEANSTART-2026-NV36169 Security fixes for CVE-2025-61732, CVE-2025-66564, CVE-2025-68121, CVE-2026-24686, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, ghsa-fcv2-xgw5-pqxf applied in versions: 0.7.29-r1, 0.7.29-r2

Multiple security vulnerabilities affect the sigstore-scaffolding package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.00765EPSS
Exploits2References18
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.6 views

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: prometheus-adapter, yunikorn-k8shim, tkn, sftpgo-plugin-eventsearch, spicedb, crossplane-provider-aws-ec2, cluster-api-azure-controller, fscrypt, kubernetes-dashboard-auth, kubo, tetragon, crossplane-provider-aws-memorydb, tfsec, kuma, sqlexporter, cluster-api, promx...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.5 views

GHSA-J3GX-2473-5FP8 vulnerabilities

Vulnerabilities for packages: pdfcpu, spicedb, tetragon, crossplane-provider-aws-memorydb, container-object-storage-interface, wgcf, nri-mongodb, addon-resizer, vault-benchmark, mongodb-kubernetes-operator, nri-consul, rancher-security-scan, tflint, redka, gitea, opentelemetry-collector-contrib,...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.6 views

CVE-2026-27142 vulnerabilities

Vulnerabilities for packages: prometheus-adapter, yunikorn-k8shim, tkn, sftpgo-plugin-eventsearch, spicedb, crossplane-provider-aws-ec2, cluster-api-azure-controller, fscrypt, kubernetes-dashboard-auth, kubo, tetragon, crossplane-provider-aws-memorydb, tfsec, kuma, sqlexporter, cluster-api, promx...

6.1CVSS6.8AI score0.00328EPSS
Exploits0
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.18 views

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: pdfcpu, spicedb, tetragon, crossplane-provider-aws-memorydb, container-object-storage-interface, wgcf, nri-mongodb, addon-resizer, vault-benchmark, mongodb-kubernetes-operator, nri-consul, rancher-security-scan, tflint, redka, gitea, opentelemetry-collector-contrib,...

7.5CVSS7.2AI score0.00728EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.7 views

Backstage 日志信息泄露漏洞

Backstage is an open-source application developed by Backstage. It serves as an open platform for building developer portals. Versions of Backstage prior to 3.1.4 contained a vulnerability related to log information leakage. This vulnerability stemmed from malicious scaffolding templates that cou...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:35 a.m.16 views

CVE-2024-34913

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

5.4CVSS7.8AI score0.00376EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35107

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00376EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2024-2470

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0084EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in test-mlw2-clour-heats-nards-scaff (npm)

The package test-mlw2-clour-heats-nards-scaff was found to contain malicious code...

7AI score
Exploits0
Wolfi
Wolfi
added 2024/06/11 5:16 p.m.112 views

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: flux, rclone, tkn, zot, rekor, grafana-mimir, bank-vaults, druid, fulcio, argo-events, grafana-agent-operator, flux-image-reflector-controller, timestamp-authority, thanos, zarf, terragrunt, guac, fluent-bit-plugin-loki, buildkitd, airflow, hugo,...

5.5CVSS6.3AI score0.00788EPSS
Exploits0
OSV
OSV
added 2024/05/15 8:15 p.m.2 views

CVE-2024-34913

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

5.4CVSS6.1AI score0.00376EPSS
Exploits1References1
NVD
NVD
added 2024/05/15 8:15 p.m.12 views

CVE-2024-34913

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

5.4CVSS6.1AI score0.00376EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/15 7:26 p.m.17 views

CVE-2024-34913

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

6.3AI score0.00376EPSS
Exploits1References1
CVE
CVE
added 2024/05/15 7:26 p.m.78 views

CVE-2024-34913

The CVE-2024-34913 entry impacts r-pan-scaffolding versions 5.0 and older, where an arbitrary file upload vulnerability allows an attacker to execute arbitrary code by uploading a crafted PDF. The root cause is an improper handling of PDF uploads in the file-upload functionality, enabling code ex...

5.4CVSS7.7AI score0.00376EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/15 7:26 p.m.16 views

CVE-2024-34913

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

7.8AI score0.00376EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.3 views

r-pan-scaffolding 安全漏洞

rubinchu r-pan-scaffolding is a simple file management system from rubinchu that implements file uploading, downloading, moving and other functions. A security vulnerability exists in r-pan-scaffolding v5.0 and earlier versions. An attacker can execute arbitrary code by uploading a specially...

5.4CVSS7.4AI score0.00376EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.6 views

PT-2024-26246 · Unknown · R-Pan-Scaffolding

Name of the Vulnerable Software and Affected Versions: r-pan-scaffolding versions 5.0 and below Description: The issue allows attackers to execute arbitrary code via uploading a crafted PDF file. This is achieved through an arbitrary file upload vulnerability. Recommendations: For versions 5.0 an...

5.4CVSS7.8AI score0.00376EPSS
Exploits1References4
Rows per page
Query Builder