Lucene search
K

9 matches found

NVD
NVD
added 2026/05/08 4:16 p.m.14 views

CVE-2026-41683

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware wrote user-controlled language values into the Content-Language response header after passing them through utils.escape, which ...

8.6CVSS0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 3:29 p.m.7 views

CVE-2026-42353 Path traversal / SSRF in i18next-http-middleware via user-controlled language and namespace parameters

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware passes the user-controlled lng and ns values from getResourcesHandler directly into...

8.2CVSS5.7AI score0.00387EPSS
Exploits0References1
Circl
Circl
added 2025/12/03 2:14 p.m.5 views

CVE-2022-50393

creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2025/09/09 7:0 a.m.13 views

September 9, 2025—KB5065427 (OS Build 14393.8422)

None None...

9.8CVSS6.8AI score0.18834EPSS
Exploits5
CNNVD
CNNVD
added 2024/11/05 12:0 a.m.4 views

JATOS 安全漏洞

JATOS is an online learning tool from JATOS Open Source. A security vulnerability exists in JATOS version v3.9.3. An attacker exploiting this vulnerability could hijack the administrator account and compromise the integrity and security of the system...

8.4CVSS6.7AI score0.00232EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.3 views

WordPress plugin WP Ultimate Post Grid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6.6AI score0.00325EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/16 5:56 a.m.11 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References10
OSV
OSV
added 2023/03/17 9:15 a.m.4 views

CVE-2023-1152

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Utarit Information Technologies Persolus allows SQL Injection. This issue affects Persolus: before 2.03.93...

9.8CVSS7.3AI score0.0062EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/06/19 12:0 a.m.7 views

PT-2020-8449

Name of the Vulnerable Software and Affected Versions: Mattermost Server versions prior to 4.0.0 Mattermost Server versions 3.10.2 and earlier Mattermost Server versions 3.9.2 and earlier Description: An issue allows CSRF to occur if CORS is enabled. Recommendations: For versions prior to 4.0.0,...

9.9CVSS8AI score0.34346EPSS
Exploits45References116
Rows per page
Query Builder