Lucene search
K

26 matches found

OSV
OSV
added last week5 views

BIT-GRAFANA-2026-10601 Path Traversal in Tempo and Loki Data Source Plugins — Credential Leakage and Admin Endpoint Access

The Tempo and Loki datasource plugins construct backend HTTP requests by interpolating user-supplied input into URL paths without sanitization, enabling path traversal. A Viewer-role user can: 1 capture admin-configured datasource credentials secureJsonData custom headers by traversing to an...

5.4CVSS5.8AI score0.00258EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 12:0 a.m.5 views

CVE-2025-50649

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper input validation in the vlanname parameter in the /shutset.asp endpoint...

6AI score0.00516EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/25 12:25 a.m.3 views

SUSE CVE-2026-29771

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS5.7AI score0.00331EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/19 12:42 p.m.10 views

Unauthenticated remote shutdown in nltk.app.wordnet_app

Summary nltk.app.wordnetapp allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when it is started in its default mode. A simple GET /SHUTDOWN%20THE%20SERVER request causes the process to terminate immediately via os.exit0, resulting in a denial of service. Details The...

7.5CVSS5.9AI score0.00855EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/10 6:28 p.m.2 views

GO-2026-4608 Netmaker Vulnerable to Denial of Service via Server Shutdown Endpoint in github.com/gravitl/netmaker

Netmaker Vulnerable to Denial of Service via Server Shutdown Endpoint in github.com/gravitl/netmaker...

8.7CVSS5.8AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/09 8:1 a.m.2 views

CVE-2026-29771

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS5.7AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2026/03/07 4:15 p.m.5 views

CVE-2026-29771

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS0.00331EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/07 3:14 p.m.3 views

CVE-2026-29771

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS5.7AI score0.00331EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/07 3:14 p.m.3 views

CVE-2026-29771 Netmaker: Denial of Service via Server Shutdown Endpoint

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS5.7AI score0.00331EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/07 3:14 p.m.27 views

CVE-2026-29771 Netmaker: Denial of Service via Server Shutdown Endpoint

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS0.00331EPSS
Exploits0References1
CVE
CVE
added 2026/03/07 3:14 p.m.13 views

CVE-2026-29771

Netmaker (WireGuard-based) prior to version 1.2.0 is affected: the /api/server/shutdown endpoint can terminate the Netmaker server process via syscall.SIGINT, enabling an attacker to repeatedly shut down the server and trigger cyclic denial of service with ~3-second restarts. This vulnerability i...

8.7CVSS5.7AI score0.00331EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/07 3:14 p.m.8 views

CVE-2026-29771 Netmaker: Denial of Service via Server Shutdown Endpoint

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

8.7CVSS5.7AI score0.00331EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.5 views

Gravitl Netmaker 安全漏洞

Gravitl Netmaker is a platform developed by the American company Gravitl, which uses WireGuard to create and manage fast, secure, and dynamic virtual overlay networks. It is used to create and control automated virtual networks. Versions of Gravitl Netmaker prior to 1.2.0 contained a security...

8.7CVSS7.2AI score0.00331EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/04 10:9 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the /api/server/shutdown endpoint handler. An attacker can repeatedly terminate the server process by sending requests to this endpoint, resulting in continuous server downtime and service disruption. Remediati...

8.7CVSS7.2AI score0.00331EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/04 10:9 p.m.7 views

Netmaker Vulnerable to Denial of Service via Server Shutdown Endpoint

The /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart intervals...

8.7CVSS5.9AI score0.00331EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.5 views

PT-2026-23107

Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 1.2.0 Description The /api/server/shutdown endpoint allows any user to terminate the Netmaker server process via syscall.SIGINT. This can lead to a cyclic denial of service, with the server restarting approximately...

9.9CVSS5.8AI score0.22162EPSS
Exploits68References138
GithubExploit
GithubExploit
added 2026/02/12 8:38 a.m.191 views

Exploit for CVE-2026-26235

👤 Author Mohammed Idrees Banyamer - 📍 Country: Jorda...

8.7CVSS6AI score0.01784EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/11/13 2:3 p.m.5 views

CVE-2025-11566

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on the /REST/shutdownnow endpoint...

6.9CVSS7.1AI score0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 1:26 p.m.2 views

CVE-2025-11566

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on the /REST/shutdownnow endpoint...

6.9CVSS6.7AI score0.00503EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.5 views

Schneider Electric PowerChute Serial Shutdown 安全漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improperly restricted authentication attempts, which...

6.9CVSS6.7AI score0.00503EPSS
Exploits0References1
Rows per page
Query Builder