Lucene search
K

182 matches found

EUVD
EUVD
added 2026/05/19 3:53 p.m.14 views

EUVD-2026-30956

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 3:53 p.m.9 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS5.8AI score0.00482EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 3:53 p.m.41 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS0.00482EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 3:53 p.m.7 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS5.8AI score0.00482EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 3:53 p.m.20 views

CVE-2026-47357

CVE-2026-47357 affects Terrascan v1.18.3 and earlier in server mode. An unauthenticated attacker can abuse the remote_url parameter of the remote/dir/scan endpoint to issue an SSRF against an attacker-controlled http URL. The URL is handed to hashicorp/go-getter (v1.7.5) without validation, which...

9.2CVSS5.8AI score0.00482EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 3:53 p.m.6 views

CVE-2026-47356

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhookurl parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhookurl multipa...

8.7CVSS6AI score0.00499EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 3:53 p.m.16 views

EUVD-2026-30952

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhookurl parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhookurl multipa...

8.7CVSS6AI score0.00499EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 3:53 p.m.7 views

CVE-2026-47356

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the webhookurl parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhookurl multipa...

8.7CVSS6AI score0.00499EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 3:53 p.m.21 views

CVE-2026-47356

Terrascan v1.18.3 and earlier are affected by an SSRF in the server mode feature. An unauthenticated attacker can supply an arbitrary URL via the webhook_url multipart form parameter in POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan, causing Terrascan to POST the full scan results to the att...

8.7CVSS6AI score0.00499EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-41953

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remote url parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP UR...

9.2CVSS5.8AI score0.00482EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.15 views

PT-2026-41954

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.8AI score0.00479EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/13 3:48 a.m.16 views

SUSE CVE-2026-7813

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

9.9CVSS6.1AI score0.00455EPSS
Exploits0References3
OSV
OSV
added 2026/05/12 3:8 p.m.4 views

GHSA-2G4X-FQ3J-CGQ4 Dalfox has an Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode)

Summary ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes closeresults at line 438, but the second stage — which processes POST-body parameters dp — ...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/12 3:8 p.m.15 views

Dalfox has an Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode)

Summary ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes closeresults at line 438, but the second stage — which processes POST-body parameters dp — ...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2026/05/12 3:8 p.m.8 views

GHSA-8HF9-3Q64-Q2QF Dalfox Server Mode has an Unauthenticated Arbitrary File Create/Append via `output` Option

Summary When dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options are JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine's logging path. The logger opens the...

8.2CVSS6AI score0.00243EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/12 3:8 p.m.10 views

Dalfox Server Mode has an Unauthenticated Arbitrary File Create/Append via `output` Option

Summary When dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options are JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine's logging path. The logger opens the...

8.2CVSS6AI score0.00243EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/12 3:8 p.m.8 views

GHSA-35WR-X7V6-9FV2 Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`

Summary When dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to...

7.5CVSS6AI score0.00251EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/12 3:8 p.m.11 views

Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`

Summary When dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to...

7.5CVSS6AI score0.00251EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/12 3:7 p.m.7 views

GHSA-V25V-M36W-JP4H Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action`

GHSA: Unauthenticated Remote Code Execution via found-action in Dalfox Server Mode Summary When dalfox is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options —...

10CVSS6.4AI score0.01147EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2026/05/12 3:7 p.m.12 views

Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action`

GHSA: Unauthenticated Remote Code Execution via found-action in Dalfox Server Mode Summary When dalfox is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options —...

10CVSS6.4AI score0.01147EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder