Lucene search
K

104 matches found

fedora
fedora
added 2 days ago5 views

[SECURITY] Fedora 44 Update: cjson-1.7.19-1.fc44

cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file...

9.8CVSS6.1AI score0.00693EPSS
Exploits2
cve
cve
added 3 days ago8 views

CVE-2026-55780

NanaZip (7‑Zip derivative) prior to version 6.5.1749.0 is vulnerable due to its .NET single-file bundle handler in NanaZip.Codecs.Archive.DotNetSingleFile.cpp, which sizes the extraction buffer from the bundle entry Size field without validating against the real file size. This allows an attacker...

2.4CVSS6.2AI score0.00112EPSS
Exploits0References3
cvelist
cvelist
added 3 days ago33 views

CVE-2026-55780 NanaZip: Uncaught exception / unbounded allocation in NanaZip .NET single-file Extract() via unvalidated entry Size

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's .NET single-file bundle handler in NanaZip.Codecs.Archive.DotNetSingleFile.cpp sizes its extraction buffer from the bundle entry Size field, which is only checked for sign and is not validat...

2.4CVSS0.00112EPSS
Exploits0References3
githubexploit
githubexploit
added 2026/06/09 4:29 a.m.66 views

wisp

Wisp — the open-source Ghost alternative, built in Elixir & Ph...

5.7AI score
Exploits0
redhatcve
redhatcve
added 2026/06/05 7:18 p.m.10 views

CVE-2026-45728

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS5.5AI score0.00303EPSS
Exploits0References1
nvd
nvd
added 2026/05/26 5:16 p.m.16 views

CVE-2026-45728

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS0.00303EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/26 4:38 p.m.40 views

CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS0.00303EPSS
Exploits0References1
euvd
euvd
added 2026/05/26 4:38 p.m.13 views

EUVD-2026-31868

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/26 4:38 p.m.10 views

CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/26 4:38 p.m.8 views

CVE-2026-45728

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/05/26 4:38 p.m.19 views

CVE-2026-45728

CVE-2026-45728 (Algernon) exposes server-side source on error when running in single-file mode. Prior to 1.17.7, invoking Algernon with a file path (not a dir) forces singleFileMode, which enables debugMode and renders PrettyError pages that reveal the absolute path and full contents of the error...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/26 12:0 a.m.13 views

algernon 安全漏洞

Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained security vulnerabilities. These vulnerabilities stemmed from the forced activation of debugging mode in single-file mode, allowing the leakage of the file’s absolute path and complete byte...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/20 12:0 a.m.9 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in the single.php file. It...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References1
osv
osv
added 2026/05/19 2:35 p.m.6 views

GHSA-FWQX-8365-9983 Algernon: Single-file mode unconditionally enables debug mode

Summary When Algernon is invoked with a single file path instead of a directory — the documented "quick demo" workflow algernon foo.lua, algernon page.po2, algernon index.html, algernon mywebsite.alg — singleFileMode is set to true and debugMode is forcibly enabled with no opt-out: go //...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References2
github
github
added 2026/05/19 2:35 p.m.32 views

Algernon: Single-file mode unconditionally enables debug mode

Summary When Algernon is invoked with a single file path instead of a directory — the documented "quick demo" workflow algernon foo.lua, algernon page.po2, algernon index.html, algernon mywebsite.alg — singleFileMode is set to true and debugMode is forcibly enabled with no opt-out: go //...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/05/19 12:0 a.m.13 views

PT-2026-41970

Name of the Vulnerable Software and Affected Versions Algernon versions prior to 1.17.7 Description When Algernon is started with a single file path instead of a directory, the singleFileMode is enabled, which forcibly activates debugMode. This configuration enables the PrettyError renderer, whic...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References5
fedora
fedora
added 2026/04/18 1:9 a.m.7 views

[SECURITY] Fedora 42 Update: stb-0^20260313git904aa67-2.fc42

Single-file public domain libraries for C/C++...

5.7AI score
Exploits0
fedora
fedora
added 2026/04/18 12:53 a.m.12 views

[SECURITY] Fedora 43 Update: stb-0^20260313git904aa67-2.fc43

Single-file public domain libraries for C/C++...

5.7AI score
Exploits0
github
github
added 2026/04/01 8:58 p.m.7 views

goshs has Auth Bypass via Share Token

Summary When using the Share Token it is possible to bypass the limited selected file download with all the gosh functionalities, including code exec. Details The BasicAuthMiddleware checks for a ?token= parameter before checking credentials. If the token exists in SharedLinks, the request passes...

8.1CVSS5.9AI score0.00392EPSS
Exploits1References5Affected Software1
redhatcve
redhatcve
added 2026/03/26 3:17 p.m.3 views

CVE-2026-32108

Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies when the shares feature is used for the specific purpose of creating a share of just a single file inside a folder or either the...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References1
Rows per page
Query Builder