Lucene search
K

5 matches found

EUVD
EUVD
added 2 days ago5 views

EUVD-2026-42076

NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin...

5.5CVSS6.1AI score0.002EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/08 12:0 a.m.7 views

Incorrect Authorization

Overview org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...

6.3CVSS5.4AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-25151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - opentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. The v0.38.0 release of go.opentelemetry.io/contrib/instrumentation/net/http/otelhtt...

7.5CVSS7AI score0.00973EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2023/10/12 4:33 p.m.32 views

CVE-2023-45142

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...

7.5CVSS7.9AI score0.01364EPSS
Exploits0
Veracode
Veracode
added 2022/07/28 5:55 a.m.20 views

Cross-site Scripting (XSS)

laminas/laminas-diactoros is vulnerable to cross-site scripting. The vulnerability exists in the fromGlobals function in IncomingRequestFactory.php due to insufficient sanitization in the ServerRequest which allows an attacker to modify server request from x forwarded header via the request paylo...

7.2CVSS5.8AI score0.00615EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder