Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/05/14 6:31 p.m.7 views

CVE-2026-41315 mdserver-web: Missing Authorization and Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modifycrond and /starttask interfaces, it is possible to modify the default built-in scheduled tasks and start...

9.3CVSS6AI score0.01032EPSS
Exploits1References1
NVD
NVD
added 2026/02/23 8:16 a.m.15 views

CVE-2026-2978

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

8.8CVSS0.00345EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/23 7:32 a.m.27 views

CVE-2026-2978 FastApiAdmin Scheduled Task API controller.py upload_file_controller unrestricted upload

A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function uploadfilecontroller of the file /backend/app/api/v1/modulesystem/params/controller.py of the component Scheduled Task API. Performing a manipulation results in unrestricted upload. The attack can be...

6.5CVSS0.00345EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/23 7:2 a.m.4 views

CVE-2026-2977

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

6.5CVSS6.1AI score0.00293EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-24680

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 9:26 a.m.14 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

5.3CVSS7.1AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 9:7 a.m.19 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

5.3CVSS0.00279EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/06/13 12:0 a.m.2 views

Training RL Agents for Multi-Objective Network Defense Tasks

Open-ended learning OEL -- which emphasizes training agents that achieve broad capability over narrow competency -- is emerging as a paradigm to develop artificial intelligence AI agents to achieve robustness and generalization. However, despite promising results that demonstrate the benefits of...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:58 a.m.4 views

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

8.8CVSS7.1AI score0.00532EPSS
Exploits0References1
Rows per page
Query Builder