4 matches found
CVE-2026-33981
changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the jq: and jqraw: include filter expressions allow use of the jq env builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user or unauthenticated us...
SUSE CVE-2018-3826
In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the snapshot API. When the accesskey and securitykey parameters are set using the snapshot API they can be exposed as plain text by users able to query the snapshot API...
PT-2022-24952 · Wasmtime · Wasmtime
Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 2.0.2
Description: There is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance, the initial heap snapshot of the prior instance can be...
PT-2021-7655 · Grafana +5 · Grafana +5
Name of the Vulnerable Software and Affected Versions:
Grafana versions prior to 7.5.11
Grafana versions prior to 8.1.6
Description: The issue in Grafana allows unauthenticated and authenticated users to view the snapshot with the lowest database key by accessing the literal paths:...