Lucene search
K

7 matches found

NVD
NVD
added 2026/06/24 9:16 p.m.8 views

CVE-2026-33235

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45493

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 0.20.0 through 2.0.11 Description Authenticated agents can forge service-monitor results for services belonging to other users. The system accepts TaskResult messages from an authenticated agent based solely on whethe...

7.1CVSS5.4AI score0.00266EPSS
Exploits0References8
OSV
OSV
added 2026/05/06 9:59 p.m.7 views

GHSA-55GC-6FMC-FPX9 Hatchet affected by cross-tenant information disclosure in `listTasksByDAGIds`

Summary A missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any tenant on the same Hatchet instance could query the endpoint with another tenant's UUID and a DAG UUID belongi...

5.3CVSS5.9AI score0.00181EPSS
Exploits0References3
CVE
CVE
added 2026/04/15 9:34 p.m.15 views

CVE-2026-6388

The CVE describes a vulnerability in ArgoCD Image Updater where a user with rights to create/modify an ImageUpdater in a multi-tenant environment can bypass namespace boundaries due to insufficient validation. This leads to cross-namespace privilege escalation and unauthorized image updates on ap...

9.1CVSS5.7AI score0.00357EPSS
Exploits0References3
OSV
OSV
added 2024/09/02 8:15 p.m.5 views

CVE-2024-1621

The registration process of uniFLOW Online NT-ware product apps, prior to and including version 2024.1.0, can be compromised when email login is enabled on the tenant. Those tenants utilising email login in combination with Microsoft Safe Links or similar are impacted. This vulnerability may allo...

7.5CVSS5.8AI score0.00363EPSS
Exploits0References2
OSV
OSV
added 2023/07/12 12:31 p.m.1 views

GHSA-J2R7-3RVW-G7GX Apache Pulsar Broker's Rest Producer vulnerable to Incorrect Authorization

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from...

8.2CVSS7.2AI score0.0058EPSS
Exploits0References3
OSV
OSV
added 2017/02/15 8:59 p.m.3 views

CVE-2017-3801

A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. The vulnerability is due to improper role-based access control RBAC...

8.8CVSS6AI score0.00333EPSS
Exploits0References3
Rows per page
Query Builder