8 matches found

FreeBSD
added 2026/06/24 12:0 a.m. | 5 views

rclone -- Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation

https://github.com/rclone/rclone/security/advisories/GHSA-qw24-gh76-8rvv reports: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, `rclone rcd --rc-serve` accepts unauthenticated GET and HEAD requests to paths of...

CVSS 9.8 | AI score 5.9 | EPSS 0.00701
Exploits: 0 | References: 2
CNNVD
added 2026/01/08 12:0 a.m. | 13 views

Soft Serve security vulnerability

Soft Serve is a self-hosted command-line Git server from Charm Open Source. A security vulnerability exists in Soft Serve versions prior to 0.11.2, which stems from an authorization bypass in the LFS lock deletion endpoint that could lead to arbitrary lock deletion...

CVSS 5.4 | AI score 6.5 | EPSS 0.00273
Exploits: 1 | References: 3
CNNVD
added 2025/11/08 12:0 a.m. | 4 views

Soft Serve security vulnerability

Soft Serve is a self-hostable command-line Git server from Charm Open Source. A security vulnerability exists in Soft Serve versions prior to 0.10.0, which stems from not removing ANSI escape sequences and not cleaning up git messages, which could lead to a fake alert attack...

CVSS 4.6 | AI score 6.3 | EPSS 0.00155
Exploits: 0 | References: 3
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-2773

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.0089
Exploits: 1 | References: 6
OSV
added 2025/09/08 2:13 p.m. | 41 views

GO-2025-3930 Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve

Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve...

CVSS 7.7 | AI score 6.8 | EPSS 0.00315
Exploits: 0 | References: 2
vulnersOsv
added 2020/09/11 9:16 p.m. | 4 views

@ieremeev/app (>=3.0.1 <=3.2.4), xtal-test (>=0.0.1 <=0.0.10) potentially affected by unknown CVE via serve (=10.0.0)

serve NPM version =10.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on serve and may be impacted: @ieremeev/app (>=3.0.1 <=3.2.4), xtal-test (>=0.0.1 <=0.0.10). Source CVEs: unknown CVE. Source advisory: OSV:GHSA-XW79-HHV6-578C...

AI score 5.8
Exploits: 0
Veracode
added 2019/03/22 1:9 p.m. | 20 views

Directory Traversal

serve is vulnerable to directory traversal. The vulnerability exists because it gives an easy interface to list directory contents and traverse into sub-folders just by submitting a URL with dot-slash before the file name, e.g. http://127.0.0.1:6060/dir/./file.txt...

CVSS 7.5 | AI score 7.3 | EPSS 0.01689
Exploits: 1 | References: 1 | Affected Software: 1
CNVD
added 2018/06/22 12:0 a.m. | 4 views

Serve Path Traversal Vulnerability

serve is a static file server that is primarily used for deploying native single-page applications or static files. A path traversal vulnerability exists in serve versions prior to 6.4.9, where the program fails to adequately filter %2e (.) and %2f (/) characters in the URL...

CVSS 6.5 | AI score 6.3 | EPSS 0.0179
Exploits: 1 | References: 1